Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Kann Youtube videos nicht abspielen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.04.2014, 16:31   #1
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Auf meinem win7 64 PC erscheint bloss eine schwarze Fläche, wenn ich die aufgelisteten Youtube Beiträge anklicke. Es besteht keine Möglichkeit, sie zum Abspielen zu bewegen. Alle heruntergeladenen Videos hingegen kann ich mit einschlägigen Programmen anschauen.
Für Tipps bin ich sehr dankbar.

Mit freundlichen Grüssen

Alfred
__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 20.04.2014, 17:37   #2
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Mach mal folgendes:

Rechtsklick auf ein betroffenes Video, falls möglich Haken bei der Hardwarebeschleunigung raus.

Danach:

Poste bitte Logfiles zur Systemanalyse nach folgender Anleitung:

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Poste das dann entweder in diesen Thread oder eröffne einen neuen unter Log-Analyse und Auswertung.
__________________


Alt 20.04.2014, 20:04   #3
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hallo Keckrem, vielen vielen Dank für Deine superschnelle Antwort!
Rechtsklick auf ein Youtube Video ergibt bei mir keine Möglichkeit, das Video zum spielen zu bringen und von einem Haken bei der Hardwarebeschleunigung sehe ich nichts. Mache ich da was falsch? anbei noch das Log von FRST64. Wie ist das mit dem Addition? ich sehe nur das FRST64 log.
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 01
Ran by Alfred (administrator) on DM12REP on 20-04-2014 20:52:30
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Farbar) C:\Users\Alfred\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - E:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 20:52 - 2014-04-20 20:52 - 00030062 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64(1).exe
2014-04-20 17:23 - 2014-04-20 06:21 - 00008681 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 16:52 - 00000168 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 17:20 - 2014-04-19 17:21 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-20 20:52 - 2014-04-20 20:52 - 00030062 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-20 20:52 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64(1).exe
2014-04-20 20:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 20:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 17:02 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 17:02 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 16:57 - 2012-10-18 15:41 - 02002781 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 16:53 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 16:52 - 2014-04-20 05:50 - 00000168 _____ () C:\Windows\setupact.log
2014-04-20 16:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 11:44 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 11:44 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 11:44 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 06:21 - 2014-04-20 17:23 - 00008681 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-19 17:21 - 2014-04-19 17:20 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\nshB87B.exe
C:\Users\Alfred\AppData\Local\Temp\nshE105.exe
C:\Users\Alfred\AppData\Local\Temp\nshE460.exe
C:\Users\Alfred\AppData\Local\Temp\nswBC33.exe
C:\Users\Alfred\AppData\Local\Temp\nsy6250.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:20

==================== End Of Log ============================
         
--- --- ---
__________________
__________________

Alt 20.04.2014, 20:33   #4
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hi,

vergiss das mit der Hardwarebeschleunigung, hab da Quatsch erzählt.

Du hast dir da ein Rootkit eingefangen.
Zitat:
C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
Poste bitte ein GMER Log. Wegen der Addition.txt, setze bei FRST einfach den Haken.

Da ich nicht zum Malwareteam gehöre, ist an dieser Stelle Schluss für mich, warte bitte bis du Hilfe eines Kompetenzlers bekommst oder erstelle mit den drei Logs (FRST, Addition, GMER) ein Thema unter Plagegeister aller Art und deren Bekämpfung.

Ach, eins noch...

Zitat:
TuneUp Software
Finger weg von Registry Cleanern, die schaden deinem System mehr als sie helfen...

Alt 21.04.2014, 14:38   #5
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hallo Keckrem,
hier also noch die 3 logs. FRST64-Addition-Gmer
Vielen vielen Dank für Deine Mühe

freundliche Grüsse

Alfred

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 02
Ran by Alfred (administrator) on DM12REP on 21-04-2014 14:42:47
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - E:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 14:42 - 2014-04-21 14:42 - 02056704 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-20 20:52 - 2014-04-21 14:43 - 00030008 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 17:23 - 2014-04-21 12:37 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-21 08:57 - 00000224 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 17:20 - 2014-04-19 17:21 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-21 14:43 - 2014-04-20 20:52 - 00030008 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 14:42 - 2014-04-21 14:42 - 02056704 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-21 14:42 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-21 14:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 13:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 12:37 - 2014-04-20 17:23 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-21 11:07 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-21 10:17 - 2012-10-18 15:41 - 02040562 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-21 08:57 - 2014-04-20 05:50 - 00000224 _____ () C:\Windows\setupact.log
2014-04-21 08:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 11:44 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 11:44 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 11:44 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-19 17:21 - 2014-04-19 17:20 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\nshB87B.exe
C:\Users\Alfred\AppData\Local\Temp\nshE105.exe
C:\Users\Alfred\AppData\Local\Temp\nshE460.exe
C:\Users\Alfred\AppData\Local\Temp\nswBC33.exe
C:\Users\Alfred\AppData\Local\Temp\nsy6250.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:20

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2014 02
Ran by Alfred at 2014-04-21 14:43:44
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.110 - Lavasoft)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{28ADCCAD-3C23-44A1-A93F-47AA176F7AD7}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
aerofly Flug Simulator 2013 (HKLM-x32\...\aerofly Flug Simulator 2013_is1) (Version: 1.0.9.11 - IPACS)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Elevated Installer (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4050 (HKLM\...\{0A9FC1DA-46F7-4305-A4EF-FDCA8D9B1A5A}) (Version: 14.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpg4050 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version:  - )
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.1 - Steganos Software GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKCU\...\Video Converter) (Version:  - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.0.46 - Dane Prairie Systems, LLC.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}) (Version: 28.9.2013.0 - BillP Studios)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

17-04-2014 06:10:55 Geplanter Prüfpunkt
19-04-2014 15:23:58 Removed Safari
19-04-2014 15:37:56 Windows Update
19-04-2014 18:02:00 TuneUp Utilities 2014 wird entfernt
19-04-2014 18:02:29 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-14 20:29 - 00447822 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	Gadgets And More
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {000040EA-D13A-480E-815A-A08C46AE3B6E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {0CCC0779-DB8C-444E-87A0-BEB43185DB23} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1F321B00-B617-46E8-8513-9088F6554D5A} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJGMJJHMLJJJGMLMCNHMNJJJMMCNLMPMKJMMCNGMLJOMKMCNMJMMNJMMMJKJGMGMJMKMLMMJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMJMFMOMOMKJIJMIFMPMJNHICMOMOMKJIJMIJNBJCMOLDJJJNIKJLJJNKJCMJNNICMJNDJCMLJKJ"
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {332D6A73-4E79-4CA0-9C30-D2655B231956} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {34CDE739-E6A3-4229-A0AC-404334174774} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {3B13C808-C74B-4F0B-87E6-D3E0CCF938B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {72F1B8EC-A588-497D-BC8F-757BD6464D70} - \BitGuard No Task File <==== ATTENTION
Task: {78C9B58F-51F0-40DD-9A04-A27497777A09} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {824BD8CB-B6DD-446F-96BA-FE8507930347} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8AB563ED-7B3B-4DF2-B7A4-EB263403ECE6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D126D102-4CB1-4374-A5AE-FEE4D8DA3E78} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-10-10] (Abelssoft)
Task: {D739EF9A-9D3F-4DA4-B661-88FFD3A81B82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {E6BE1A89-7142-4A29-B4F9-1D52A11FB7CF} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-25 21:50 - 2011-06-07 10:35 - 00074016 _____ () C:\Windows\System32\win2pdfm.dll
2013-09-07 14:02 - 2013-10-10 15:06 - 00020608 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2013-07-04 10:18 - 2013-10-10 15:06 - 00017024 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-22 10:22 - 2013-07-22 10:22 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-11-06 10:23 - 2011-05-26 15:14 - 00477080 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\VXP\VBoxDDU.dll
2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\VXP\VBoxRT.dll
2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\VXP\LIBEAY32.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-21 08:27 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-14 20:20 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-14 20:20 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-14 20:20 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-14 20:20 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-14 20:20 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-04-19 18:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-10 11:26 - 2014-04-20 20:45 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Diesen Hai können Sie vom Büro aus jagen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Mani Juerg mail 24.5.05. Re_ Swissair - Option 96_2000.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\nico.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Rat vom Experten gegen Schnarchen.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:49:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/20/2014 00:20:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 00:57:14 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR8 gefunden.


Microsoft Office Sessions:
=========================
Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\PROGRAMME downloads DellPCsetups\SoftonicDownloader_for_vlc-media-player.exe

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:49:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8119.05 MB
Available physical RAM: 5478.9 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13413.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:28.64 GB) NTFS
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:19.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-04-21 15:32:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP6T0L0-8 SAMSUNG_HD502HJ rev.1AJ10001 465.76GB
Running: Gmer-19357.exe; Driver: C:\Users\Alfred\AppData\Local\Temp\kxtdapob.sys

---- Processes - GMER 2.1 ----

Library  C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uTMEMUIMgrEngine.dll (*** suspicious ***) @ C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [1708] (ArcSoft MUI Manager Engine/ArcSoft, Inc.)(2012-11-06 08:23:28)             0000000000240000
Library  C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\Language\DE\uEasyBackupMonitorRes.dll (*** suspicious ***) @ C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [1708] (ArcSoft BBMonitorRes/ArcSoft, Inc.)(2012-11-06 08:23:21)  0000000000250000

---- EOF - GMER 2.1 ----
         
--- --- ---

__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 21.04.2014, 14:39   #6
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hallo Keckrem,
hier also noch die 3 logs. FRST64-Addition-Gmer
Vielen vielen Dank für Deine Mühe

freundliche Grüsse

Alfred



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 02
Ran by Alfred (administrator) on DM12REP on 21-04-2014 14:42:47
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - E:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 14:42 - 2014-04-21 14:42 - 02056704 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-20 20:52 - 2014-04-21 14:43 - 00030008 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 17:23 - 2014-04-21 12:37 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-21 08:57 - 00000224 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 17:20 - 2014-04-19 17:21 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-21 14:43 - 2014-04-20 20:52 - 00030008 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 14:42 - 2014-04-21 14:42 - 02056704 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-21 14:42 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-21 14:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 13:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 12:37 - 2014-04-20 17:23 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-21 11:07 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-21 10:17 - 2012-10-18 15:41 - 02040562 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-21 08:57 - 2014-04-20 05:50 - 00000224 _____ () C:\Windows\setupact.log
2014-04-21 08:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 11:44 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 11:44 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 11:44 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 05:50 - 00002946 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-19 17:21 - 2014-04-19 17:20 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:55 - 2014-04-15 20:55 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-15 20:55 - 2014-04-15 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\nshB87B.exe
C:\Users\Alfred\AppData\Local\Temp\nshE105.exe
C:\Users\Alfred\AppData\Local\Temp\nshE460.exe
C:\Users\Alfred\AppData\Local\Temp\nswBC33.exe
C:\Users\Alfred\AppData\Local\Temp\nsy6250.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:20

==================== End Of Log ============================
         
--- --- ---

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2014 02
Ran by Alfred at 2014-04-21 14:43:44
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.110 - Lavasoft)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{28ADCCAD-3C23-44A1-A93F-47AA176F7AD7}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
aerofly Flug Simulator 2013 (HKLM-x32\...\aerofly Flug Simulator 2013_is1) (Version: 1.0.9.11 - IPACS)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Elevated Installer (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4050 (HKLM\...\{0A9FC1DA-46F7-4305-A4EF-FDCA8D9B1A5A}) (Version: 14.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpg4050 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version: - )
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.1 - Steganos Software GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKCU\...\Video Converter) (Version: - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.0.46 - Dane Prairie Systems, LLC.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}) (Version: 28.9.2013.0 - BillP Studios)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================

17-04-2014 06:10:55 Geplanter Prüfpunkt
19-04-2014 15:23:58 Removed Safari
19-04-2014 15:37:56 Windows Update
19-04-2014 18:02:00 TuneUp Utilities 2014 wird entfernt
19-04-2014 18:02:29 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-14 20:29 - 00447822 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 0Scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 Gadgets And More
127.0.0.1 1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {000040EA-D13A-480E-815A-A08C46AE3B6E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {0CCC0779-DB8C-444E-87A0-BEB43185DB23} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1F321B00-B617-46E8-8513-9088F6554D5A} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJGMJJHMLJJJGMLMCNHMNJJJMMCNLMPMKJMMCNGMLJOMKMCNMJMMNJMMMJKJGMGMJMKMLMMJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPI CMJMFMOMOMKJIJMIFMPMJNHICMOMOMKJIJMIJNBJCMOLDJJJNIKJLJJNKJCMJNNICMJNDJCMLJKJ"
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {332D6A73-4E79-4CA0-9C30-D2655B231956} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {34CDE739-E6A3-4229-A0AC-404334174774} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {3B13C808-C74B-4F0B-87E6-D3E0CCF938B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {72F1B8EC-A588-497D-BC8F-757BD6464D70} - \BitGuard No Task File <==== ATTENTION
Task: {78C9B58F-51F0-40DD-9A04-A27497777A09} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {824BD8CB-B6DD-446F-96BA-FE8507930347} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8AB563ED-7B3B-4DF2-B7A4-EB263403ECE6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D126D102-4CB1-4374-A5AE-FEE4D8DA3E78} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-10-10] (Abelssoft)
Task: {D739EF9A-9D3F-4DA4-B661-88FFD3A81B82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {E6BE1A89-7142-4A29-B4F9-1D52A11FB7CF} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-25 21:50 - 2011-06-07 10:35 - 00074016 _____ () C:\Windows\System32\win2pdfm.dll
2013-09-07 14:02 - 2013-10-10 15:06 - 00020608 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2013-07-04 10:18 - 2013-10-10 15:06 - 00017024 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-22 10:22 - 2013-07-22 10:22 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-11-06 10:23 - 2011-05-26 15:14 - 00477080 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\VXP\VBoxDDU.dll
2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\VXP\VBoxRT.dll
2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\VXP\LIBEAY32.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-21 08:27 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-14 20:20 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-14 20:20 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-14 20:20 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-14 20:20 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-14 20:20 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-04-19 18:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-10 11:26 - 2014-04-20 20:45 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Diesen Hai können Sie vom Büro aus jagen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Mani Juerg mail 24.5.05. Re_ Swissair - Option 96_2000.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\nico.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Rat vom Experten gegen Schnarchen.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:49:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/20/2014 00:20:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 00:57:14 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR8 gefunden.


Microsoft Office Sessions:
=========================
Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\PROGRAMME downloads DellPCsetups\SoftonicDownloader_for_vlc-media-player.exe

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:49:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 8119.05 MB
Available physical RAM: 5478.9 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13413.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:28.64 GB) NTFS
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:19.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================


GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-04-21 15:32:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP6T0L0-8 SAMSUNG_HD502HJ rev.1AJ10001 465.76GB
Running: Gmer-19357.exe; Driver: C:\Users\Alfred\AppData\Local\Temp\kxtdapob.sys

---- Processes - GMER 2.1 ----

Library  C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uTMEMUIMgrEngine.dll (*** suspicious ***) @ C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [1708] (ArcSoft MUI Manager Engine/ArcSoft, Inc.)(2012-11-06 08:23:28)             0000000000240000
Library  C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\Language\DE\uEasyBackupMonitorRes.dll (*** suspicious ***) @ C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [1708] (ArcSoft BBMonitorRes/ArcSoft, Inc.)(2012-11-06 08:23:21)  0000000000250000

---- EOF - GMER 2.1 ----
         
--- --- ---
__________________
--> Kann Youtube videos nicht abspielen

Alt 21.04.2014, 16:31   #7
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hi,

hast doppelt gepostet

Ich kann dir an hier nur sagen, dass auf deinem PC einiges los ist. Ich könnte dir wahrscheinlich helfen, aber ich darf es leider nicht.

Was ich dir sagen kann:

Necurs Rootkit (-> KEIN ONLINEBANKING vor dem Ende der Bereinigung)
Adware bis zum Unfallen

Und wenn ich mir den Teil bei hosts ansehe, wird da noch einiges im Argen liegen:

Zitat:
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 0Scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 Gadgets And More
127.0.0.1 1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.

Und hat es einen bestimmten Grund, dass du Adobe Photoshop 7.0 verwendest?
Spybot ist für mich nicht auf aktuellem Stand der Malware, ich würde es deinstallieren.
Selbes gilt für Ad-Aware.

Danach (wenn du es deinstallierst) bitte neues FRST Log, Haken bei Addition setzen.

Alt 21.04.2014, 17:02   #8
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



oh, schlimme Sache, danke für den schonungslosen feedback...
ja, auf meinem PC gibt es verschiedene user, war lange abwesend dazu..
hier nochmals first64 und addition. Habe die beiden genannten Programme gem. Deiner Instruktion desinstalliert. Photoshop 7 habe ich seit vielen jahren drauf und bin eigentlich zufrieden damit. Die neuen sind sehr teuer.
Uebrigens, ich habe zum ersten mal dieses Ctrl-V verwendet und habe festgestellt, dass nur Addition draufkommt, nicht aber das FRST64 log. Ich hoffe nicht, dass es wieder 2x drauf ist.
Vielen vielen Dank
Gruss
Alfred
FRST Logfile:
[CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2014
Ran by Alfred (administrator) on DM12REP on 21-04-2014 17:46:59
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\RunOnce: [adawarebp_XP] - reg.exe delete "HKCU\Software\adawarebp" /f
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\RunOnce: [adawarebp_DATA_FOLDER] - cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\RunOnce: [adawarebp_INSTALL_FOLDER] - cmd.exe /c rmdir "C:\Users\Alfred\AppData\Local\adawarebp" /s /q
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - E:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:46 - 2014-04-21 14:47 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 14:42 - 2014-04-21 17:46 - 02060288 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 17:46 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 17:23 - 2014-04-21 12:37 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-21 17:42 - 00000280 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-21 17:41 - 00005824 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 17:20 - 2014-04-19 17:21 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:46 - 2014-04-21 14:42 - 02060288 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 17:46 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-21 17:46 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-21 17:46 - 2012-10-18 15:41 - 02048112 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 17:42 - 2014-04-20 05:50 - 00000280 _____ () C:\Windows\setupact.log
2014-04-21 17:42 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-21 17:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-21 17:41 - 2014-04-20 05:50 - 00005824 _____ () C:\Windows\PFRO.log
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 17:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 16:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:47 - 2014-04-21 14:46 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 12:37 - 2014-04-20 17:23 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 09:06 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 11:44 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 11:44 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 11:44 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\OpenCandy
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-19 17:21 - 2014-04-19 17:20 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 20:33 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\nshB87B.exe
C:\Users\Alfred\AppData\Local\Temp\nshE105.exe
C:\Users\Alfred\AppData\Local\Temp\nshE460.exe
C:\Users\Alfred\AppData\Local\Temp\nswBC33.exe
C:\Users\Alfred\AppData\Local\Temp\nsy6250.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legitFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-04-2014
Ran by Alfred at 2014-04-21 17:48:10
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{28ADCCAD-3C23-44A1-A93F-47AA176F7AD7}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
aerofly Flug Simulator 2013 (HKLM-x32\...\aerofly Flug Simulator 2013_is1) (Version: 1.0.9.11 - IPACS)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Elevated Installer (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4050 (HKLM\...\{0A9FC1DA-46F7-4305-A4EF-FDCA8D9B1A5A}) (Version: 14.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpg4050 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version:  - )
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.1 - Steganos Software GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKCU\...\Video Converter) (Version:  - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.0.46 - Dane Prairie Systems, LLC.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}) (Version: 28.9.2013.0 - BillP Studios)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

17-04-2014 06:10:55 Geplanter Prüfpunkt
19-04-2014 15:23:58 Removed Safari
19-04-2014 15:37:56 Windows Update
19-04-2014 18:02:00 TuneUp Utilities 2014 wird entfernt
19-04-2014 18:02:29 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-14 20:29 - 00447822 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	[¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	Gadgets And More
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {000040EA-D13A-480E-815A-A08C46AE3B6E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {0CCC0779-DB8C-444E-87A0-BEB43185DB23} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1F321B00-B617-46E8-8513-9088F6554D5A} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJGMJJHMLJJJGMLMCNHMNJJJMMCNLMPMKJMMCNGMLJOMKMCNMJMMNJMMMJKJGMGMJMKMLMMJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMJMFMOMOMKJIJMIFMPMJNHICMOMOMKJIJMIJNBJCMOLDJJJNIKJLJJNKJCMJNNICMJNDJCMLJKJ"
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {332D6A73-4E79-4CA0-9C30-D2655B231956} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {72F1B8EC-A588-497D-BC8F-757BD6464D70} - \BitGuard No Task File <==== ATTENTION
Task: {78C9B58F-51F0-40DD-9A04-A27497777A09} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {824BD8CB-B6DD-446F-96BA-FE8507930347} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D126D102-4CB1-4374-A5AE-FEE4D8DA3E78} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-10-10] (Abelssoft)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {E6BE1A89-7142-4A29-B4F9-1D52A11FB7CF} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-25 21:50 - 2011-06-07 10:35 - 00074016 _____ () C:\Windows\System32\win2pdfm.dll
2013-09-07 14:02 - 2013-10-10 15:06 - 00020608 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2013-07-04 10:18 - 2013-10-10 15:06 - 00017024 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-22 10:22 - 2013-07-22 10:22 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2012-11-06 10:23 - 2011-05-26 15:14 - 00477080 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\VXP\VBoxDDU.dll
2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\VXP\VBoxRT.dll
2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\VXP\LIBEAY32.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-21 08:27 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-29 22:30 - 2014-04-12 02:52 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-19 18:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Diesen Hai können Sie vom Büro aus jagen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Mani Juerg mail 24.5.05. Re_ Swissair - Option 96_2000.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\nico.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Rat vom Experten gegen Schnarchen.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/20/2014 00:20:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 00:57:14 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR8 gefunden.


Microsoft Office Sessions:
=========================
Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\PROGRAMME downloads DellPCsetups\SoftonicDownloader_for_vlc-media-player.exe

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 05:28:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:57:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8119.05 MB
Available physical RAM: 5904.75 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13725.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:28.86 GB) NTFS
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:19.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 21.04.2014, 19:06   #9
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hi,

FRST Log ist nicht in Code-Tags...

Ich werde dir dann doch helfen, aber nur soweit ich das auch kann, ohne etwas zu zerstören.
Ich übernehme keine Gewähr für Systemschäden, bitte sichere alle wichtigen Daten, auch wenn wahrscheinlich alles glatt geht.

Schritt 1:
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Schritt 2:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Hi nochmal,

bitte wie vorgegeben weitermachen, aber mir ist gerade etwas aufgefallen...

Lade die folgenden Dateien bitte auf Virustotal hoch.

Zitat:
C:\Program Files\Unlocker\UnlockerDriver5.sys
C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys
Solltest du die Meldung
Zitat:
Die Datei wurde bereits bei Virustotal analysiert
bekommen, klicke bitte auf "Reanalyse".

Alt 21.04.2014, 20:06   #10
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hallo Keckrem,
anbei die neusten First64 und addition logs, Anfrage: was ist "Virustotal" und wie kann ich die Dateien dort hochladen?
Gruss
Alfred
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2014 01
Ran by Alfred (administrator) on DM12REP on 21-04-2014 21:00:08
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - K:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 21:00 - 2014-04-21 21:00 - 00028828 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 20:58 - 2014-04-21 20:58 - 02163712 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(2).exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 20:19 - 2014-04-21 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 20:19 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-21 20:19 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-21 20:19 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-21 20:18 - 2014-04-21 20:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 20:06 - 2014-04-21 20:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Alfred\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00114528 _____ () C:\Users\Alfred\Desktop\trojaner board. 18.00.txt
2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:46 - 2014-04-21 14:47 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 14:42 - 2014-04-21 20:59 - 02163712 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 20:59 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 17:23 - 2014-04-21 12:37 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-21 20:50 - 00009578 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-21 20:50 - 00000392 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-21 19:17 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-21 21:00 - 2014-04-21 21:00 - 00028828 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 21:00 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-21 20:59 - 2014-04-21 14:42 - 02163712 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 20:59 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-21 20:59 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 20:59 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-21 20:58 - 2014-04-21 20:58 - 02163712 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(2).exe
2014-04-21 20:55 - 2012-10-18 15:41 - 02063237 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 20:53 - 2014-04-21 20:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 20:51 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-21 20:50 - 2014-04-20 05:50 - 00009578 _____ () C:\Windows\PFRO.log
2014-04-21 20:50 - 2014-04-20 05:50 - 00000392 _____ () C:\Windows\setupact.log
2014-04-21 20:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-21 20:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
2014-04-21 20:19 - 2014-04-21 20:19 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 20:19 - 2014-04-21 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 20:17 - 2013-06-24 17:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 20:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 20:06 - 2014-04-21 20:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Alfred\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 19:19 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-21 19:19 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-21 19:19 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 19:17 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-21 18:08 - 2014-04-21 18:08 - 00114528 _____ () C:\Users\Alfred\Desktop\trojaner board. 18.00.txt
2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:47 - 2014-04-21 14:46 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 12:37 - 2014-04-20 17:23 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 09:51 - 2014-04-21 20:19 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-21 20:19 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-21 20:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:20

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-04-2014 01
Ran by Alfred at 2014-04-21 21:00:42
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{28ADCCAD-3C23-44A1-A93F-47AA176F7AD7}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
aerofly Flug Simulator 2013 (HKLM-x32\...\aerofly Flug Simulator 2013_is1) (Version: 1.0.9.11 - IPACS)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Elevated Installer (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4050 (HKLM\...\{0A9FC1DA-46F7-4305-A4EF-FDCA8D9B1A5A}) (Version: 14.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpg4050 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version:  - )
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.1 - Steganos Software GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKCU\...\Video Converter) (Version:  - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.0.46 - Dane Prairie Systems, LLC.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}) (Version: 28.9.2013.0 - BillP Studios)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

17-04-2014 06:10:55 Geplanter Prüfpunkt
19-04-2014 15:23:58 Removed Safari
19-04-2014 15:37:56 Windows Update
19-04-2014 18:02:00 TuneUp Utilities 2014 wird entfernt
19-04-2014 18:02:29 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-14 20:29 - 00447822 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	[¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	Gadgets And More
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {000040EA-D13A-480E-815A-A08C46AE3B6E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {0CCC0779-DB8C-444E-87A0-BEB43185DB23} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1F321B00-B617-46E8-8513-9088F6554D5A} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJGMJJHMLJJJGMLMCNHMNJJJMMCNLMPMKJMMCNGMLJOMKMCNMJMMNJMMMJKJGMGMJMKMLMMJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMJMFMOMOMKJIJMIFMPMJNHICMOMOMKJIJMIJNBJCMOLDJJJNIKJLJJNKJCMJNNICMJNDJCMLJKJ"
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {332D6A73-4E79-4CA0-9C30-D2655B231956} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {72F1B8EC-A588-497D-BC8F-757BD6464D70} - \BitGuard No Task File <==== ATTENTION
Task: {78C9B58F-51F0-40DD-9A04-A27497777A09} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {824BD8CB-B6DD-446F-96BA-FE8507930347} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D126D102-4CB1-4374-A5AE-FEE4D8DA3E78} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-10-10] (Abelssoft)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {E6BE1A89-7142-4A29-B4F9-1D52A11FB7CF} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-25 21:50 - 2011-06-07 10:35 - 00074016 _____ () C:\Windows\System32\win2pdfm.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-11-17 15:00 - 2010-11-17 15:00 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 14\ShellExtension.dll
2013-09-07 14:02 - 2013-10-10 15:06 - 00020608 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2013-07-04 10:18 - 2013-10-10 15:06 - 00017024 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-22 10:22 - 2013-07-22 10:22 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-11-06 10:23 - 2011-05-26 15:14 - 00685976 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\VXP\VBoxDDU.dll
2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\VXP\VBoxRT.dll
2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\VXP\LIBEAY32.dll
2011-02-24 19:05 - 2011-02-24 19:05 - 03518032 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-21 08:27 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-11-06 10:23 - 2010-04-26 15:30 - 00090112 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll
2014-04-19 18:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Diesen Hai können Sie vom Büro aus jagen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Mani Juerg mail 24.5.05. Re_ Swissair - Option 96_2000.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\nico.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Rat vom Experten gegen Schnarchen.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 08:52:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:12:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/21/2014 08:09:42 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/20/2014 00:20:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.


Microsoft Office Sessions:
=========================
Error: (04/21/2014 08:52:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:12:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\PROGRAMME downloads DellPCsetups\SoftonicDownloader_for_vlc-media-player.exe

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8119.05 MB
Available physical RAM: 5974.67 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13939.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:28.8 GB) NTFS
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:19.74 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:873.91 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:14.4 GB) (Free:5.47 GB) FAT32
Drive m: (HP SimpleSave) (Fixed) (Total:930.86 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 932 GB) (Disk ID: 873A0A01)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 931 GB) (Disk ID: 0002E5E5)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 14 GB) (Disk ID: 4E6F2201)
Partition 1: (Active) - (Size=14 GB) - (Type=0B)

==================== End Of Log ============================
         
--- --- ---
__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 21.04.2014, 20:09   #11
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hallo Keckrem,
anbei die neusten First64 und addition logs, Anfrage: was ist "Virustotal" und wie kann ich die Dateien dort hochladen?
Gruss
Alfred
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2014 01
Ran by Alfred (administrator) on DM12REP on 21-04-2014 21:00:08
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [73216 2013-05-16] (Steganos Software GmbH)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: L - L:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - K:\HPLauncher.exe
HKU\S-1-5-21-344976508-2612026722-1020238545-1000\...\MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E20F8E641ADCD01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=424CC20045927E4CBDC72C5234910BB4
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Claro Search
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-30]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (Freemake Video Downloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-14]
CHR Extension: (Google-Suche) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih [2013-06-26]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-14]
CHR Extension: (Delta Toolbar) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-14]
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-26]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-26]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-26]
CHR Extension: (Lavasoft NewTab) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-14] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 21:00 - 2014-04-21 21:00 - 00028828 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 20:58 - 2014-04-21 20:58 - 02163712 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(2).exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 20:19 - 2014-04-21 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 20:19 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-21 20:19 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-21 20:19 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-21 20:18 - 2014-04-21 20:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 20:06 - 2014-04-21 20:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Alfred\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00114528 _____ () C:\Users\Alfred\Desktop\trojaner board. 18.00.txt
2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:46 - 2014-04-21 14:47 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 14:42 - 2014-04-21 20:59 - 02163712 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 14:42 - 2014-04-21 20:59 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 17:23 - 2014-04-21 12:37 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-21 20:50 - 00009578 _____ () C:\Windows\PFRO.log
2014-04-20 05:50 - 2014-04-21 20:50 - 00000392 _____ () C:\Windows\setupact.log
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 19:59 - 2014-04-19 20:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:57 - 2014-04-19 19:58 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 09:01 - 2010-05-30 07:21 - 06666752 _____ () C:\Users\Alfred\Desktop\1940's.pps
2014-04-16 22:28 - 2014-04-16 22:38 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 22:25 - 2014-04-16 22:45 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 18:05 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:11 - 2014-04-15 18:12 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-15 12:29 - 2011-12-28 22:00 - 22305142 _____ () C:\Users\Alfred\Desktop\TrackIR Explained.mp4
2014-04-14 20:33 - 2014-04-21 19:17 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:06 - 2014-04-20 10:01 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:34 - 2014-04-14 15:35 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 12:30 - 2012-11-05 18:54 - 00001901 _____ () C:\Users\Alfred\Desktop\FAVORITEN - Verknüpfung.lnk
2014-04-13 15:30 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:12 - 2014-04-12 13:15 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:21 - 2014-04-14 08:50 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 03:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 03:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 03:01 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 07:38 - 2014-04-15 20:57 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-11 07:38 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-11 07:38 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-11 07:38 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-11 07:38 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-11 07:10 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-11 07:10 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-11 07:10 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-11 07:10 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-11 07:10 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-11 07:10 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-11 07:10 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-10 21:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:14 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-10 21:14 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-10 21:14 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-10 21:01 - 2014-04-11 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 15:49 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-10 15:49 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-10 15:49 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-10 15:49 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-10 15:49 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-10 15:49 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-10 15:49 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:47 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:28 - 2014-04-10 11:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:28 - 2014-04-10 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:15 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:15 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:15 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-10 11:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:15 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-10 11:15 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-10 11:15 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-10 11:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 11:15 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-10 11:15 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-10 11:15 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-10 11:15 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-10 11:15 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-10 11:15 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-10 11:15 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-10 11:15 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-10 11:15 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-10 11:15 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-10 11:15 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-10 11:15 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-10 11:15 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-10 11:15 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-10 11:15 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-10 11:15 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-10 11:15 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-04-21 21:00 - 2014-04-21 21:00 - 00028828 _____ () C:\Users\Alfred\Desktop\FRST.txt
2014-04-21 21:00 - 2013-07-04 11:42 - 00000000 ____D () C:\FRST
2014-04-21 20:59 - 2014-04-21 14:42 - 02163712 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2014-04-21 20:59 - 2014-04-21 14:42 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion
2014-04-21 20:59 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-21 20:59 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-21 20:58 - 2014-04-21 20:58 - 02163712 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(2).exe
2014-04-21 20:55 - 2012-10-18 15:41 - 02063237 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 20:53 - 2014-04-21 20:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 20:51 - 2012-10-25 14:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-21 20:50 - 2014-04-20 05:50 - 00009578 _____ () C:\Windows\PFRO.log
2014-04-21 20:50 - 2014-04-20 05:50 - 00000392 _____ () C:\Windows\setupact.log
2014-04-21 20:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-21 20:48 - 2013-04-10 04:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-21 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
2014-04-21 20:19 - 2014-04-21 20:19 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 20:19 - 2014-04-21 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 20:17 - 2013-06-24 17:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 20:07 - 2012-10-25 14:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-21 20:06 - 2014-04-21 20:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Alfred\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 19:19 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-21 19:19 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-21 19:19 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 19:17 - 2014-04-14 20:33 - 00001001 _____ () C:\Users\Alfred\Desktop\D - Verknüpfung.lnk
2014-04-21 18:08 - 2014-04-21 18:08 - 00114528 _____ () C:\Users\Alfred\Desktop\trojaner board. 18.00.txt
2014-04-21 17:47 - 2014-04-21 17:47 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner (2)
2014-04-21 17:40 - 2014-04-21 17:40 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-21 15:34 - 2014-04-21 15:34 - 00000921 _____ () C:\Users\Alfred\Desktop\Gmer.log
2014-04-21 14:56 - 2014-04-21 14:56 - 00000000 ____D () C:\Users\Alfred\Documents\1.RELIGIONEN
2014-04-21 14:47 - 2014-04-21 14:46 - 00380416 _____ () C:\Users\Alfred\Desktop\Gmer-19357.exe
2014-04-21 12:37 - 2014-04-20 17:23 - 00008745 _____ () C:\Users\Alfred\Desktop\PW.per 30.3.2014.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 02056192 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64(1).exe
2014-04-20 20:45 - 2013-04-10 04:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 20:45 - 2012-10-22 08:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 20:45 - 2012-10-22 08:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 20:45 - 2012-10-18 18:15 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Adobe
2014-04-20 20:21 - 2012-10-21 15:24 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc
2014-04-20 17:17 - 2014-04-20 17:17 - 00071371 _____ () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1.htm
2014-04-20 17:17 - 2014-04-20 17:17 - 00000000 ____D () C:\Users\Alfred\Downloads\Christentum und Buddhismus Teil 1-Dateien
2014-04-20 13:44 - 2014-04-20 13:44 - 00000000 ____D () C:\Users\Alfred\Desktop\AGODA complaint Pattavia
2014-04-20 13:44 - 2014-04-13 15:30 - 00000000 ____D () C:\Users\Alfred\Documents\AGODA complaint Pattavia
2014-04-20 12:34 - 2014-04-20 12:34 - 00000000 ____D () C:\Users\Alfred\Documents\1.eSATA inventar 20.4.14
2014-04-20 12:34 - 2014-04-16 18:05 - 00000000 ____D () C:\Users\Alfred\Documents\MEDIAMARKT TOSHIBA
2014-04-20 11:44 - 2013-08-28 10:44 - 00000000 ___RD () C:\Users\Alfred\Desktop\PIX
2014-04-20 10:01 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\Alfred\Documents\JENS SCHNEIDER RA
2014-04-20 07:10 - 2014-04-20 07:10 - 00001211 _____ () C:\Users\Alfred\Desktop\AGODA complaint Pattavia - Verknüpfung.lnk
2014-04-20 06:45 - 2013-11-02 14:20 - 00000878 _____ () C:\Users\Alfred\Desktop\PIX D - Verknüpfung.lnk
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 21:34 - 2013-04-14 10:06 - 00000000 ____D () C:\Users\Alfred\Documents\AVIATION pdfs
2014-04-19 21:27 - 2014-04-19 21:27 - 00001463 _____ () C:\Users\Alfred\Desktop\0.0.eSATA INVENTAR BACKUP LOGS - Verknüpfung.lnk
2014-04-19 20:06 - 2013-06-29 12:08 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\TuneUp Software
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 20:00 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-19 20:00 - 2014-04-19 19:59 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-19 19:59 - 2014-04-19 19:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-19 19:58 - 2014-04-19 19:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-19 19:58 - 2014-04-19 19:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-04-19 18:53 - 2014-04-19 18:53 - 32990152 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeYouTubeDownload_3232327.exe
2014-04-19 18:51 - 2014-04-19 18:51 - 01069776 _____ (Solid State Networks) C:\Users\Alfred\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe
2014-04-19 18:33 - 2012-10-25 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:27 - 2014-04-19 18:27 - 00000000 ____D () C:\Users\Alfred\Documents\Alte Firefox-Daten
2014-04-19 18:26 - 2012-10-21 13:48 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Mozilla
2014-04-19 18:25 - 2014-04-19 18:25 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 18:25 - 2013-09-04 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:24 - 2013-05-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-04-18 10:16 - 2012-10-26 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 10:15 - 2012-10-26 06:51 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 09:00 - 2013-08-19 20:48 - 00012288 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 22:45 - 2014-04-16 22:25 - 60211080 _____ () C:\Users\Alfred\Downloads\B738-HaribAIR.zip.download
2014-04-16 22:38 - 2014-04-16 22:28 - 30327999 _____ () C:\Users\Alfred\Downloads\ERJ145-Luxair.zip
2014-04-16 19:07 - 2013-09-29 10:53 - 00176156 _____ () C:\Windows\hphins27.dat
2014-04-16 19:07 - 2012-10-29 15:04 - 00010237 _____ () C:\ProgramData\hpzinstall.log
2014-04-16 08:43 - 2014-04-16 08:43 - 00001094 _____ () C:\Users\Alfred\Desktop\1.Budget2013 neu - Verknüpfung.lnk
2014-04-16 08:42 - 2014-04-16 08:42 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-15 21:00 - 2013-09-21 08:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-15 20:57 - 2014-04-11 07:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-04-15 20:57 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Azureus
2014-04-15 20:57 - 2012-10-18 16:36 - 00000000 ____D () C:\Windows\Panther
2014-04-15 20:52 - 2014-04-15 20:52 - 03710504 _____ (Piriform Ltd) C:\Users\Alfred\Downloads\ccsetup412_slim.exe
2014-04-15 18:12 - 2014-04-15 18:11 - 00000000 ____D () C:\Users\Alfred\Documents\USB stick braun-schwarz-bup
2014-04-14 18:47 - 2014-04-14 18:47 - 30796712 _____ (Oracle Corporation) C:\Users\Alfred\Downloads\jre-7u51-windows-x64.exe
2014-04-14 18:31 - 2013-07-04 21:26 - 00000000 ____D () C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2014-04-14 18:25 - 2012-11-01 09:05 - 00000000 ____D () C:\Users\Alfred\Documents\AUTO
2014-04-14 18:24 - 2012-11-16 13:57 - 00000000 ____D () C:\Users\Alfred\Documents\0.AVIATION
2014-04-14 18:17 - 2012-12-03 12:12 - 00000000 ____D () C:\Users\Alfred\Documents\THAILAND
2014-04-14 18:06 - 2014-04-14 18:06 - 00001122 _____ () C:\Users\Alfred\Desktop\JENS SCHNEIDER RA - Verknüpfung.lnk
2014-04-14 18:06 - 2012-11-01 11:06 - 00877056 ___SH () C:\Users\Alfred\Documents\Thumbs.db
2014-04-14 18:04 - 2014-04-14 18:04 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner (2)
2014-04-14 18:04 - 2013-09-13 18:21 - 00000000 ____D () C:\Users\Alfred\Documents\AHV
2014-04-14 15:35 - 2014-04-14 15:35 - 03754042 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 03669425 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml
2014-04-14 15:35 - 2014-04-14 15:35 - 02813491 _____ () C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml
2014-04-14 15:35 - 2014-04-14 15:34 - 00000000 ____D () C:\Users\Alfred\Desktop\feb julian
2014-04-14 08:50 - 2014-04-12 12:21 - 00000000 ____D () C:\Users\Alfred\Documents\STEUERN TOFFEN
2014-04-13 14:20 - 2014-04-13 14:20 - 00525037 _____ () C:\Users\Alfred\Downloads\2014-04-13.zip
2014-04-13 06:01 - 2009-07-14 06:45 - 02237408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 14:32 - 2013-10-30 06:52 - 00000000 ____D () C:\Users\Alfred\Documents\INTERNETSPEEDTESTs
2014-04-12 14:32 - 2012-10-19 03:23 - 00068440 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 13:21 - 2012-11-06 15:13 - 00000000 ____D () C:\Users\Alfred\Documents\FINANZEN
2014-04-12 13:19 - 2013-08-30 11:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-12 13:17 - 2014-04-12 13:17 - 00000000 ____D () C:\Users\Alfred\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-04-12 13:15 - 2014-04-12 13:12 - 163606685 _____ () C:\Users\Alfred\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-04-12 12:25 - 2012-11-13 17:37 - 00000000 ____D () C:\Users\Alfred\Documents\iPad
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieUserList
2014-04-12 08:51 - 2014-04-12 08:51 - 00000000 __SHD () C:\Users\Alfred\AppData\Local\EmieSiteList
2014-04-12 08:48 - 2013-01-02 11:23 - 00000000 ____D () C:\Users\Alfred\Documents\iPAD reading
2014-04-12 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 03:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 02:52 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-11 21:03 - 2012-10-18 18:18 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-11 21:01 - 2014-04-10 21:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-11 21:01 - 2012-10-18 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-11 20:58 - 2013-09-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-11 20:58 - 2012-10-18 16:08 - 00001309 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 11:03 - 2014-04-11 11:03 - 00000000 ____D () C:\Users\Alfred\Documents\Neuer Ordner
2014-04-11 08:01 - 2012-11-08 13:12 - 00082432 ___SH () C:\Users\Alfred\Thumbs.db
2014-04-11 07:37 - 2014-04-11 07:37 - 18277248 _____ (pdfforge ) C:\Users\Alfred\Downloads\PDFCreator-1_7_2_setup.exe
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-10 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-10 21:51 - 2014-04-10 21:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-10 21:51 - 2014-04-10 21:51 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-10 21:51 - 2014-04-10 21:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-10 21:51 - 2014-04-10 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-10 21:51 - 2014-04-10 21:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-10 21:49 - 2014-04-10 21:49 - 00550371 _____ () C:\Users\Alfred\Downloads\Autoruns.zip
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-10 21:31 - 2013-05-26 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-10 21:06 - 2013-08-04 12:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:44 - 2013-04-17 17:33 - 00000000 ____D () C:\Users\Alfred\Documents\PW
2014-04-10 11:48 - 2014-04-10 11:48 - 00000000 ____D () C:\Program Files\iPod
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files\iTunes
2014-04-10 11:48 - 2014-04-10 11:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-10 11:48 - 2013-10-05 22:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-10 11:27 - 2014-04-10 11:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 11:27 - 2014-04-10 11:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-10 11:27 - 2013-06-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 11:24 - 2012-10-26 08:22 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 11:20 - 2014-04-10 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-10 11:20 - 2014-04-10 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-10 11:02 - 2012-10-25 14:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-10 11:02 - 2012-10-25 14:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 09:51 - 2014-04-21 20:19 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-21 20:19 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-21 20:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2012-10-18 17:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:20

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-04-2014 01
Ran by Alfred at 2014-04-21 21:00:42
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{28ADCCAD-3C23-44A1-A93F-47AA176F7AD7}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
aerofly Flug Simulator 2013 (HKLM-x32\...\aerofly Flug Simulator 2013_is1) (Version: 1.0.9.11 - IPACS)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Elevated Installer (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4050 (HKLM\...\{0A9FC1DA-46F7-4305-A4EF-FDCA8D9B1A5A}) (Version: 14.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpg4050 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version:  - )
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steganos Safe 14 (HKLM-x32\...\{13B7FBFB-622E-4002-8570-594798E6167D}) (Version: 14.1 - Steganos Software GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKCU\...\Video Converter) (Version:  - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.0.46 - Dane Prairie Systems, LLC.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}) (Version: 28.9.2013.0 - BillP Studios)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

17-04-2014 06:10:55 Geplanter Prüfpunkt
19-04-2014 15:23:58 Removed Safari
19-04-2014 15:37:56 Windows Update
19-04-2014 18:02:00 TuneUp Utilities 2014 wird entfernt
19-04-2014 18:02:29 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-14 20:29 - 00447822 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	[¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	Gadgets And More
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {000040EA-D13A-480E-815A-A08C46AE3B6E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {0CCC0779-DB8C-444E-87A0-BEB43185DB23} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1F321B00-B617-46E8-8513-9088F6554D5A} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJGMJJHMLJJJGMLMCNHMNJJJMMCNLMPMKJMMCNGMLJOMKMCNMJMMNJMMMJKJGMGMJMKMLMMJJNJICMIMCNHMCNMMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMJMFMOMOMKJIJMIFMPMJNHICMOMOMKJIJMIJNBJCMOLDJJJNIKJLJJNKJCMJNNICMJNDJCMLJKJ"
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {332D6A73-4E79-4CA0-9C30-D2655B231956} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {72F1B8EC-A588-497D-BC8F-757BD6464D70} - \BitGuard No Task File <==== ATTENTION
Task: {78C9B58F-51F0-40DD-9A04-A27497777A09} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {824BD8CB-B6DD-446F-96BA-FE8507930347} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D126D102-4CB1-4374-A5AE-FEE4D8DA3E78} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-10-10] (Abelssoft)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {E6BE1A89-7142-4A29-B4F9-1D52A11FB7CF} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-25 21:50 - 2011-06-07 10:35 - 00074016 _____ () C:\Windows\System32\win2pdfm.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-11-17 15:00 - 2010-11-17 15:00 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 14\ShellExtension.dll
2013-09-07 14:02 - 2013-10-10 15:06 - 00020608 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2013-07-04 10:18 - 2013-10-10 15:06 - 00017024 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-22 10:22 - 2013-07-22 10:22 - 00009728 _____ () C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-11-06 10:23 - 2011-05-26 15:14 - 00685976 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\VXP\VBoxDDU.dll
2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\VXP\VBoxRT.dll
2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\VXP\LIBEAY32.dll
2011-02-24 19:05 - 2011-02-24 19:05 - 03518032 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-21 08:27 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-11-06 10:23 - 2010-04-26 15:30 - 00090112 _____ () C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll
2014-04-19 18:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0523.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0543.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\- Alfred Gruetzner (a_gruetzner@yahoo.de) - 2014-02-23 0552.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Diesen Hai können Sie vom Büro aus jagen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Mani Juerg mail 24.5.05. Re_ Swissair - Option 96_2000.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\nico.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alfred\Documents\Rat vom Experten gegen Schnarchen.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 08:52:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:12:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "M:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/21/2014 08:09:42 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/21/2014 08:58:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/20/2014 04:54:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/20/2014 00:20:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 06:33:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/19/2014 05:28:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.


Microsoft Office Sessions:
=========================
Error: (04/21/2014 08:52:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:12:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 05:43:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2014 08:59:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: M:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/20/2014 04:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 00:30:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\PROGRAMME downloads DellPCsetups\SoftonicDownloader_for_vlc-media-player.exe

Error: (04/20/2014 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 05:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:34:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8119.05 MB
Available physical RAM: 5974.67 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13939.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:28.8 GB) NTFS
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:19.74 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:873.91 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:14.4 GB) (Free:5.47 GB) FAT32
Drive m: (HP SimpleSave) (Fixed) (Total:930.86 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 932 GB) (Disk ID: 873A0A01)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 931 GB) (Disk ID: 0002E5E5)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 14 GB) (Disk ID: 4E6F2201)
Partition 1: (Active) - (Size=14 GB) - (Type=0B)

==================== End Of Log ============================
         
--- --- ---
__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 21.04.2014, 20:12   #12
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Hi,

du hast doppelt gepostet und das MBAM Log fehlt.

Virustotal - Free Online Scan

Da auf "Wählen Sie eine" und dann in das Verzeichnis der oben genannten Dateien navigieren, ich weiß aber jetzt schon was rauskommt.

Alt 21.04.2014, 20:24   #13
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



oh, sorry wegen dem MBAM log, hier ist es. Wieder doppelt gepostet? es heisst da oben in einer Zeile immer, ich könne erst nach 40 Sekunden die Antwort schicken und dann habe ich nach 40 Sekunden dies auch getan. Ergibt das dann eine Doppelantwort, wenn ich dann nochmals auf "antworten" klicke?

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 21.04.2014
Suchlauf-Zeit: 20:45:55
Logdatei: antimalware log.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.21.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Alfred

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 263415
Verstrichene Zeit: 22 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [ce321be59b6519e75c9854f8ed1549b7],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\Alfred\AppData\Roaming\OpenCandy, In Quarantäne, [42be59a7e9178f71614f6af5719107f9],
PUP.Optional.OpenCandy, C:\Users\Alfred\AppData\Roaming\OpenCandy\62D2977A561B44E5915D780FF9C6716D, In Quarantäne, [42be59a7e9178f71614f6af5719107f9],
PUP.Optional.OpenCandy, C:\Users\Alfred\AppData\Roaming\OpenCandy\D35AF99242CA4F7EB05B589D0221C010, In Quarantäne, [42be59a7e9178f71614f6af5719107f9],

Dateien: 10
PUP.Optional.Conduit.A, C:\Users\Alfred\AppData\Roaming\OpenCandy\62D2977A561B44E5915D780FF9C6716D\sp-downloader.exe, In Quarantäne, [30d0ea16d0304cb4cade27f0b24f25db],
PUP.Optional.SearchProtect.A, C:\Users\Alfred\AppData\Local\Temp\nshB87B.exe, In Quarantäne, [689888787e82c33db4c9c064de23fd03],
PUP.Optional.SearchProtect.A, C:\Users\Alfred\AppData\Local\Temp\nshE105.exe, In Quarantäne, [b947f01059a71fe1f8854fd5be434db3],
PUP.Optional.SearchProtect.A, C:\Users\Alfred\AppData\Local\Temp\nshE460.exe, In Quarantäne, [3cc4c83840c06799017cf1331ce5c040],
PUP.Optional.SearchProtect.A, C:\Users\Alfred\AppData\Local\Temp\nswBC33.exe, In Quarantäne, [42bebd43a35dd828196465bfdb26cd33],
PUP.Optional.SearchProtect.A, C:\Users\Alfred\AppData\Local\Temp\nsy6250.exe, In Quarantäne, [ae52cc34d42c5aa63b423be9d42dee12],
PUP.Optional.Conduit.A, C:\Users\Alfred\AppData\Local\Temp\nsw57A5\SpSetup.exe, In Quarantäne, [ad535ca4fa069769f67678a116eb4db3],
PUP.Optional.Conduit.A, C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\f9e1lb4p.default-1397924871496\searchplugins\conduit-search.xml, In Quarantäne, [c7395ba5a65ac040f2e7caaa659d639d],
PUP.Optional.DiamonData.A, C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\3nxitfyj.default\extensions\firefox@diamondata.net.xpi, In Quarantäne, [52ae10f019e7b84810d6462ecc3612ee],
PUP.Optional.OpenCandy, C:\Users\Alfred\AppData\Roaming\OpenCandy\D35AF99242CA4F7EB05B589D0221C010\Trial-14.0.1000.89_de-DE_1004743_CH-DE-1.exe, In Quarantäne, [42be59a7e9178f71614f6af5719107f9],

Physische Sektoren: 0
(No malicious items detected)


(end)
__________________
Suche nicht das Glueck - lebe es (Buddha)

Alt 21.04.2014, 20:27   #14
Keckrem
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Zitat:
Ergibt das dann eine Doppelantwort, wenn ich dann nochmals auf "antworten" klicke
Sieht so aus...

Ich warte noch auf die Auswertung der Dateien, Link dahin dann bitte posten.

Alt 21.04.2014, 21:10   #15
ikarus2557
 
Kann Youtube videos nicht abspielen - Standard

Kann Youtube videos nicht abspielen



Keckrem, hier die links zur ersten Datei
C:\Program Files\Unlocker\UnlockerDriver5.sys

1.analyse
https://www.virustotal.com/de/file/ca7176fc219515d58dcfa66ec61880ece5617275c9b83701bb74d8b60e733d34/analysis/
2.reanalyse
https://www.virustotal.com/de/file/ca7176fc219515d58dcfa66ec61880ece5617275c9b83701bb74d8b60e733d34/analysis/1398110566/

die zweite Datei ist unauffindbar! (obwohl ich den versteckten ordner AppData gefunden habe)
C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys

Nun danke ich Dir noch einmal für Deine supersuper Hilfe. Es ist kaum zu glauben, wie gut dieses Trojanerboard funktioniert! Wie kann ich Dir persönlich eine Spende zugute kommen lassen?
Treffen wir uns morgen wieder?.

Gruss Alfred
__________________
Suche nicht das Glueck - lebe es (Buddha)

Antwort

Themen zu Kann Youtube videos nicht abspielen
abspielen, beiträge, conduit-search, conduit-search entfernen, erschein, erscheint, fehlercode 0x81000006, fehlercode windows, ich kann youtube videos nicht abspielen, ipad kann youtube videos nicht abspielen, kann youtube video nicht abspielen, kann youtube videos nicht abspielen, kann youtube videos nicht abspielen mac, kann youtube videos nicht abspielen windows 7, möglichkeit, programme, programmen, pup.optional.browsefox.a, pup.optional.conduit.a, pup.optional.diamondata.a, pup.optional.opencandy, pup.optional.searchprotect.a, schwarze, youtube kann manche videos nicht abspielen, youtube kann videos nicht abspielen gema



Ähnliche Themen: Kann Youtube videos nicht abspielen


  1. Kann keine Videos mehr in Firefox abspielen, Systemauslastung hoch
    Log-Analyse und Auswertung - 27.11.2015 (23)
  2. Windows 8: Absturz beim Abspielen von Videos im Internet
    Plagegeister aller Art und deren Bekämpfung - 05.10.2015 (9)
  3. Virus oder Trojaner? Webseitenaufrufe sehr langsam-Sound defekt-Youtube Videos funkt. nicht-nicht gewöhnlich
    Plagegeister aller Art und deren Bekämpfung - 29.01.2015 (11)
  4. Laptop extrem langsam, steckt, kann videos nicht abspielen
    Plagegeister aller Art und deren Bekämpfung - 26.01.2015 (5)
  5. Win 8. Youtube Videos nicht abspielbar (seiten ladefehler auf allen browsern)
    Netzwerk und Hardware - 30.07.2014 (8)
  6. kann keine videostreamings, spielfilme, youtube etc. nicht mehr abspielen. dauer-gebremstes system unter win 7
    Alles rund um Windows - 12.05.2014 (40)
  7. Internet funktioniert nach Youtube Videos nicht mehr.
    Alles rund um Windows - 18.10.2013 (0)
  8. Langsame Browser & Youtube-Videos laden nicht ?
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (16)
  9. Bei Abspielen von Videos - lautes Störgeräusch, PC reagiert nicht, nach >1Min. wieder normal
    Plagegeister aller Art und deren Bekämpfung - 15.03.2013 (10)
  10. Problem Videos gehen nicht mehr bei Youtube !!!
    Alles rund um Windows - 02.12.2009 (103)
  11. Videos gehen bei Youtube nicht mehr
    Alles rund um Windows - 08.11.2009 (0)
  12. Ich kann bei Youtube keine Videos mehr suchen
    Plagegeister aller Art und deren Bekämpfung - 17.05.2009 (5)
  13. Kann keine Dateien/Programme mehr downloaden & keine Videos abspielen
    Alles rund um Windows - 14.06.2008 (12)
  14. cpu ausgelastet 100% besonders bei abspielen von videos im wmp- VIRUS???
    Log-Analyse und Auswertung - 24.01.2008 (1)
  15. Hohe CPU beim abspielen von Videos
    Alles rund um Windows - 03.07.2007 (9)
  16. Problem beim Abspielen von Videos
    Alles rund um Windows - 06.04.2007 (3)

Zum Thema Kann Youtube videos nicht abspielen - Auf meinem win7 64 PC erscheint bloss eine schwarze Fläche, wenn ich die aufgelisteten Youtube Beiträge anklicke. Es besteht keine Möglichkeit, sie zum Abspielen zu bewegen. Alle heruntergeladenen Videos hingegen - Kann Youtube videos nicht abspielen...
Archiv
Du betrachtest: Kann Youtube videos nicht abspielen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.