jamestown | 11.09.2013 12:46 |
Hello Schrauber,
Thank you very much for your message.
I could not find the # in the editor. I hope the two files help.
Best regards
Joe
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-09-2013
Ran by jls at 2013-09-11 13:19:24
Running from C:\Users\jls\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHV79V1S
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
32 Bit HP CIO Components Installer (Version: 1.0.0)
7-Zip 9.20
Acer Arcade Deluxe (Version: 1.1.4107)
Acer Crystal Eye webcam (Version: 5.7.28.500-1.0)
Acer eAudio Management (Version: 2.5.4012)
Acer eDataSecurity Management (Version: 2.5.4241)
Acer eLock Management (Version: 2.5.4008)
Acer Empowering Technology (Version: 2.5.4008)
Acer eNet Management (Version: 2.6.4008)
Acer ePower Management (Version: 2.5.4017)
Acer ePresentation Management (Version: 2.5.4002)
Acer eSettings Management (Version: 2.5.4011)
Acer GridVista (Version: 2.68.622)
Acer Mobility Center Plug-In (Version: 1.0.3003)
Acer Tour (Version: 2.0.1003)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
ActiveTrader 4.3.27_b2
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.5)
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Drive CS4 (Version: 1)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Fonts All (Version: 2.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 1.8)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 Codecs (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AIO_Scan (Version: 90.0.222.000)
AirPlus G (Version: )
AllDup 3.4.0 (Version: 3.4.0)
ALPS Touch Pad Driver
Ashampoo Burning Studio 6 FREE (Version: 6.7.5)
Ashampoo GetBack Photo v.1.0.1 (Version: 1.0.1)
Autoruns
avast! Free Antivirus (Version: 8.0.1489.0)
Broadcom Gigabit Integrated Controller (Version: 10.15.10)
BufferChm (Version: 90.0.146.000)
Conduit Engine (Version: 6.3.3.3)
Connect (Version: 1.0.0.1)
Copy (Version: 90.0.146.000)
DATA BECKER eBay SuperBuyer
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 90.0.205.000)
DeviceManagementQFolder (Version: 1.00.0000)
DJ_AIO_ProductContext (Version: 90.0.236.000)
DJ_AIO_Software (Version: 90.0.222.000)
DJ_AIO_Software_min (Version: 90.0.222.000)
eSupportQFolder (Version: 1.00.0000)
F4100 (Version: 90.0.222.000)
F4100_doccd (Version: 90.0.222.000)
F4100_Help (Version: 90.0.222.000)
File Type Assistant (Version: 2013.4.8.0)
Final Media Player 2012 (Version: 2012.10.9.0)
fmp AQUISA 3.00 - Visual Basic Modul
GTS (Version: 1.00.17)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Deskjet All-In-One Software 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.012.001)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.0.2.4)
KONZ 2012 (Version: 1.00.0000)
kuler (Version: 2.0)
Launch Manager
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Markets pro Trading Plattform Client Live (Version: 5.0.0.0)
Media Center-Wecker (Version: 1.1.0213.1)
Medion Usb Speaker Phone 1.00.27
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
Mozilla Thunderbird 15.0.1 (x86 de) (Version: 15.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Backup NOW! 4.7 (Version: 1.00.0000)
NTI CD & DVD-Maker (Version: 7)
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Settings CS4 (Version: 9.0)
PDF24 Creator 4.9.0
Photoshop Camera Raw (Version: 5.0)
PowerProducer 3.72 (Version: 074117(3.7)_Vista_Acer)
PSSWCORE (Version: 2.01.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5404)
Scan (Version: 9.0.0.0)
SD-Reisekosten 2010 Testversion für 5 Reisenden
Serif PhotoPlus X2 (Version: 12.0.3.013)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.3 (Version: 6.3.105)
Softonic_Deutsch Toolbar (Version: )
SolutionCenter (Version: 90.0.146.000)
Status (Version: 90.0.146.000)
Suite Shared Configuration CS4 (Version: 1.0)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VideoToolkit01 (Version: 90.0.146.000)
WebReg (Version: 90.0.146.000)
Windows Live ID-Anmelde-Assistent (Version: 6.500.3165.0)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WISO Sparbuch 2008 (Version: 15.00.0000)
WISO Sparbuch 2009 (Version: 16.00.6228)
WISO Sparbuch 2010 (Version: 17.00.6531)
WISO Steuer-Sparbuch 2011 (Version: 18.00.6928)
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)
WISO Steuer-Sparbuch 2013 (Version: 20.00.8137)
==================== Restore Points =========================
10-09-2013 05:40:16 Geplanter Prüfpunkt
11-09-2013 06:05:02 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {103230AF-0790-4B4A-B874-9E182F00B3C9} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3381248993-2739923212-3182543308-1002 => C:\Windows\System32\portabledeviceapi.dll [2009-10-01] (Microsoft Corporation)
Task: {175C1931-10D5-451B-B7CE-E6308DB81E9E} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1A74CF79-9D7F-449D-893E-5B306D4BBE81} - \{22116563-108C-42c0-A7CE-60161B75E508} No Task File
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {22E6EF42-4C7E-443A-8FC5-CA4358E9FF6F} - System32\Tasks\Microsoft\Windows\WindowsBackup\CheckFull => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {2E0BE346-E8FC-4DD7-84F2-0E9804DFAFF5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {30136356-535A-4D9B-8FF4-EB39BC9D90B9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4F23AF34-BCB2-469B-90B2-A4FB7AC251A2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2008-01-19] (Microsoft Corporation)
Task: {511932F0-E43C-4DA6-A8C1-456BD2E33D0F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {57523B5E-25BA-4132-97EB-BFC002E4808C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)
Task: {5FBD73BC-85E7-4E7D-8341-D08FFBD79A73} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {700D097B-F778-4F63-B79E-866E4647400C} - System32\Tasks\User_Feed_Synchronization-{8505C661-65B6-4D78-B60C-A7B5E1870FDC} => C:\Windows\system32\msfeedssync.exe [2011-04-08] (Microsoft Corporation)
Task: {8414F507-591D-4BF5-B88C-D80D4FD49B1C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - jls => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {84D09846-6778-4DA7-B2D9-1B1B44CD1070} - \{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} No Task File
Task: {8D2DD62C-1CED-464F-8C05-0AC14CC420E3} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files\File Type Assistant\tsasetup.exe [2013-04-08] ( )
Task: {9F0A5BFA-2D5B-4F0F-BF29-CDAB1626785C} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation)
Task: {AC7E4190-A957-4400-8B8E-5418C7AF0961} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.)
Task: {B3A77FE3-7F5A-4A8A-A412-8239ACA10A88} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F45F4B0E-978A-417E-8757-CF959DE576F0} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe [2013-04-08] (Trusted Software ApS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\Windows\Tasks\vtigerCRM Email Reminder.job => ?
Task: C:\Windows\Tasks\vtigerCRM Notification Scheduler.job => ?
Task: C:\Windows\Tasks\vtigerCRM Recurring Invoice.job => ?
Task: C:\Windows\Tasks\vtigerCRM WorkFlow.job => ?
==================== Loaded Modules (whitelisted) =============
2007-02-12 16:02 - 2007-02-12 16:02 - 00094208 _____ (HiTRUST Inc.) C:\Windows\system32\MsnChatHook.dll
2007-04-25 16:30 - 2007-04-25 16:30 - 00063488 _____ () C:\Windows\system32\ShowErrMsg.dll
2007-04-25 16:30 - 2007-04-25 16:30 - 00286720 _____ (HiTRUST) C:\Windows\system32\sysenv.dll
2007-04-25 16:31 - 2007-04-25 16:31 - 00028672 _____ () C:\Windows\system32\BatchCrypto.dll
2006-11-29 21:30 - 2006-11-29 21:30 - 00401408 _____ (HiTRUST) C:\Windows\system32\CryptoAPI.dll
2007-03-17 05:19 - 2007-03-17 05:19 - 00237568 _____ (HiTRSUT) C:\Windows\system32\keyManager.dll
2008-02-11 19:52 - 2008-02-11 19:52 - 00192512 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2007-08-20 18:07 - 2007-04-24 12:49 - 00045056 _____ ( ) C:\Windows\PLFSet.dll
2007-04-25 16:31 - 2007-04-25 16:31 - 00122880 _____ (HiTRUST) C:\Windows\system32\ADMIN_CLASS_LIB.dll
2007-04-25 16:30 - 2007-04-25 16:30 - 00121344 _____ (HiTRUST) C:\Windows\system32\PSDUtil.dll
2007-07-24 19:26 - 2007-03-26 22:25 - 00008192 ____H (CyberLink) C:\Acer\Empowering Technology\eAudio\Lang.dll
2007-07-24 19:26 - 2007-02-14 16:31 - 00084776 ____H (Realtek Semiconductor) C:\Acer\Empowering Technology\eAudio\AcrRtAud.dll
2007-07-24 18:00 - 2006-10-18 14:30 - 00100354 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2013-06-28 09:17 - 2009-02-27 16:39 - 00019968 ____C () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2013-06-28 09:17 - 2009-02-27 16:32 - 00020480 ____C () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2010-04-15 09:41 - 2010-01-21 17:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2011-01-17 16:19 - 2011-05-27 11:10 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2006-04-11 16:30 - 2006-04-11 16:30 - 00761909 _____ (b.i.s. AG) C:\Program Files\GTS\Trans.dll
2009-09-17 08:16 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2013-03-04 13:29 - 2010-06-22 17:09 - 05712336 ____R (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\Flash10h.ocx
2008-07-01 21:07 - 2008-01-19 09:33 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2009-09-17 08:16 - 2009-04-11 08:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\kswdmcap.ax
2005-06-27 17:24 - 2005-06-27 17:24 - 00184392 _____ (VM) C:\Windows\system32\VM31bPrp.Ax
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\ProgramData\TEMP:0105A66F
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: D:\Temp\nsemail-1.eml:OECustomProperty
AlternateDataStreams: D:\Temp\nsemail-2.eml:OECustomProperty
AlternateDataStreams: D:\Temp\nsemail-3.eml:OECustomProperty
AlternateDataStreams: D:\Temp\nsemail.eml:OECustomProperty
AlternateDataStreams: C:\Users\jls\Documents\Ihre Avira Lizenz.eml:OECustomProperty
==================== Faulty Device Manager Devices =============
Name: Acer CrystalEye webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Xerox WorkCentre Pro Scanner
Description: Xerox WorkCentre Pro Scanner
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Xerox
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/11/2013 01:19:33 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung GTS.exe, Version 5.10.11.4, Zeitstempel 0x50f94abb, fehlerhaftes Modul KERNEL32.dll, Version 6.0.6002.18449, Zeitstempel 0x4da47967, Ausnahmecode 0xc0000005, Fehleroffset 0x000bfea5,
Prozess-ID 0x1640, Anwendungsstartzeit GTS.exe0.
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf) (User: )
Description: Performance16
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf) (User: )
Description: Performance16
Error: (09/11/2013 08:05:11 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (09/10/2013 07:40:52 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf) (User: )
Description: Performance16
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf) (User: )
Description: Performance16
Error: (08/15/2013 11:42:24 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8
System errors:
=============
Error: (09/11/2013 01:20:17 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:15 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:15 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:15 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:15 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:14 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:13 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:12 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:10 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (09/11/2013 01:20:10 PM) (Source: Service Control Manager) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Microsoft Office Sessions:
=========================
Error: (09/11/2013 01:19:33 PM) (Source: Application Error)(User: )
Description: GTS.exe5.10.11.450f94abbKERNEL32.dll6.0.6002.184494da47967c0000005000bfea5164001ceaed06a97998b
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl8
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf)(User: )
Description: Performance16
Error: (09/11/2013 11:23:25 AM) (Source: LoadPerf)(User: )
Description: Performance16
Error: (09/11/2013 08:05:11 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (09/10/2013 07:40:52 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl8
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf)(User: )
Description: Performance16
Error: (09/08/2013 01:11:55 PM) (Source: LoadPerf)(User: )
Description: Performance16
Error: (08/15/2013 11:42:24 PM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl8
CodeIntegrity Errors:
===================================
Date: 2013-09-11 13:18:26.660
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-11 13:18:26.317
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-11 13:18:25.942
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-11 13:18:25.521
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:58.416
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:58.088
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:57.761
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:57.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:57.059
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-10 17:07:56.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 67%
Total physical RAM: 3061.38 MB
Available physical RAM: 993.9 MB
Total Pagefile: 6333.02 MB
Available Pagefile: 4179.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.96 MB
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013
Ran by jls (administrator) on JLS-PC on 11-09-2013 13:17:06
Running from C:\Users\jls\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHV79V1S
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Acer\ALaunch\ALaunchSvc.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Apache Software Foundation) C:\Program Files\vtigercrm-5.1.0\apache\bin\Apache.exe
() C:\Program Files\vtigercrm-5.1.0\mysql\bin\mysqld-nt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Apache Software Foundation) C:\Program Files\vtigercrm-5.1.0\apache\bin\Apache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
(CyberLink) C:\Acer\Empowering Technology\eAudio\eAudio.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Realtek Semiconductor Corp.) C:\Users\ADMINI~1\AppData\Local\Temp\RtkBtMnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
(CyberLink) C:\Acer\Empowering Technology\eAudio\eAudio.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Realtek Semiconductor Corp.) D:\Temp\RtkBtMnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
() C:\Program Files\GTS\GTS.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Microsoft Corporation) C:\Windows\system32\WerCon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [WarReg_PopUp] - C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4435968 2007-04-23] (Realtek Semiconductor)
HKLM\...\Run: [PLFSet] - rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
HKLM\...\Run: [osCheck] - "C:\Program Files\Norton Internet Security\osCheck.exe"
HKLM\...\Run: [IS CfgWiz] - "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [457216 2007-04-25] (HiTRUST)
HKLM\...\Run: [eAudio] - C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-06-11] (CyberLink)
HKLM\...\Run: [ccApp] - "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [159744 2006-11-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-01-14] (Google Inc.)
HKCU\...\Run: [MsnMsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18672232 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [FDPRO-501] - C:\Program Files\Fighters\FighterLauncher.exe FDPRO
HKCU\...\Policies\Explorer: []
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] -
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] -
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
ShortcutTarget: Google Updater.lnk -> C:\Program Files\Google\Google Updater\GoogleUpdater.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> F:\Program Files\WISO\Steuersoftware 2013\mshaktuell.exe (No File)
Startup: C:\Users\jls\AppData\Local\Windows\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: Softonic Deutsch Toolbar - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
URLSearchHook: (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
SearchScopes: HKLM - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=14466&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=FT&apn_dtid=OSJ000&apn_uid=2C74C9D5-9CA1-4704-BA2A-5474FC76EBE5&apn_sauid=15F7AAEA-8827-43A7-9775-56F068565799
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
Toolbar: HKLM - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU -Softonic Deutsch Toolbar - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default
FF user.js: detected! => C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default\user.js
FF DefaultSearchEngine: Amazon
FF Homepage: hxxp://mail.google.com/mail/u/0/#inbox
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @sun.com/npsopluginmi;version=1.0 - C:\Program Files\OpenOffice.org 3\program ()
FF SearchPlugin: C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default\searchplugins\conduit.xml
FF Extension: Ghostery - C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\jls\AppData\Roaming\Mozilla\Firefox\Profiles\g5wuxmcx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] C:\Users\jls\AppData\Roaming\10006
FF Extension: Java String Helper - C:\Users\jls\AppData\Roaming\10006
========================== Services (Whitelisted) =================
R2 ALaunchService; C:\Acer\ALaunch\ALaunchSvc.exe [50688 2007-01-26] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-04-25] (HiTRSUT)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-04-23] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168 2007-06-13] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-07-03] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-06-28] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [107008 2006-11-24] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] ()
R2 vtigercrmApache510; C:\Program Files\vtigercrm-5.1.0\apache\bin\Apache.exe [20541 2009-05-08] (Apache Software Foundation)
R2 vtigercrmMysql510; C:\Program Files\vtigercrm-5.1.0\mysql\my.ini [2979 2010-09-24] ()
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [x]
S3 nosGetPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper_3004.dll [x]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R1 DritekPortIO; C:\PROGRA~1\LAUNCH~1\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [67584 2007-04-11] (ENE Technology Inc.)
R3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [46592 2007-06-21] (ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [63488 2007-04-11] (ENE Technology Inc.)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20776 2007-04-25] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-04-25] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-04-25] (HiTRUST)
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys [21520 2012-05-30] (Trusteer Ltd.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
R3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [90968 2004-03-19] (VM)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-11 13:18 - 2013-09-11 13:19 - 00180023 _____ D:\Temp\ads000
2013-09-11 13:18 - 2013-09-11 13:19 - 00015211 _____ D:\Temp\log3
2013-09-11 13:18 - 2013-09-11 13:19 - 00007572 _____ D:\Temp\log1
2013-09-11 13:17 - 2013-09-11 13:18 - 00021016 _____ D:\Temp\frstlog
2013-09-11 13:17 - 2013-09-11 13:17 - 00158513 _____ D:\Temp\modules00
2013-09-11 13:17 - 2013-09-11 13:17 - 00000115 _____ D:\Temp\users00
2013-09-11 13:17 - 2013-09-11 13:17 - 00000003 _____ D:\Temp\others
2013-09-11 13:16 - 2013-09-11 13:16 - 00000000 ___DC C:\FRST
2013-09-11 13:11 - 2013-09-11 13:11 - 01082455 _____ (Farbar) C:\Users\jls\Downloads\FRST.exe
2013-09-11 13:09 - 2013-09-11 13:14 - 00040960 ____T D:\Temp\~DFF55E.tmp
2013-09-11 13:07 - 2013-09-11 13:07 - 00032768 ____T D:\Temp\~DFF853.tmp
2013-09-11 13:04 - 2013-09-11 13:04 - 00024576 ____T D:\Temp\~DFD39E.tmp
2013-09-11 13:02 - 2013-09-11 13:03 - 00024576 ____T D:\Temp\~DFE6E4.tmp
2013-09-11 12:00 - 2013-09-11 12:52 - 00016384 ____T D:\Temp\~DF576A.tmp
2013-09-11 11:59 - 2013-09-11 11:59 - 00024576 ____T D:\Temp\~DF6896.tmp
2013-09-11 11:48 - 2013-09-11 13:07 - 00040960 ____T D:\Temp\~DF88FB.tmp
2013-09-11 11:48 - 2013-09-11 13:02 - 00024576 ____T D:\Temp\~DF8426.tmp
2013-09-11 11:48 - 2013-09-11 11:48 - 00016384 ____T D:\Temp\~DF8C36.tmp
2013-09-11 11:47 - 2013-09-11 11:47 - 00016384 ____T D:\Temp\~DF6E34.tmp
2013-09-11 11:29 - 2013-09-11 11:29 - 00040960 ____T D:\Temp\~DFA980.tmp
2013-09-11 11:29 - 2013-09-11 11:29 - 00016384 ____T D:\Temp\~DF5688.tmp
2013-09-11 11:28 - 2013-09-11 11:28 - 00016384 ____T D:\Temp\~DFF004.tmp
2013-09-11 11:28 - 2013-09-11 11:28 - 00016384 ____T D:\Temp\~DFE83B.tmp
2013-09-11 11:27 - 2013-09-11 11:27 - 00001680 _____ D:\Temp\wmplog19.sqm
2013-09-11 11:26 - 2013-09-11 11:26 - 00001416 _____ D:\Temp\wmplog18.sqm
2013-09-11 11:26 - 2013-09-11 11:26 - 00001416 _____ D:\Temp\wmplog17.sqm
2013-09-11 11:22 - 2013-09-11 11:22 - 00000000 ____T D:\Temp\JETD548.tmp
2013-09-11 11:18 - 2013-09-11 11:18 - 00000000 ____D D:\Temp\svfan.tmp
2013-09-11 11:17 - 2013-09-11 11:17 - 00000000 ____D D:\Temp\WPDNSE
2013-09-11 11:15 - 2013-09-11 11:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-09-11 11:15 - 2013-09-11 11:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-09-11 11:13 - 2013-09-11 11:14 - 00000000 ____D C:\Users\Administrator
2013-09-11 11:13 - 2013-09-11 11:13 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2013-09-11 11:13 - 2012-06-19 08:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Trusteer
2013-09-11 11:13 - 2008-08-11 11:05 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2013-09-11 11:13 - 2008-02-16 09:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib14FA.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib11ED.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1076.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1075.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1074.tmp
2013-09-11 09:03 - 2013-09-11 09:03 - 00635072 _____ D:\Temp\SoftwareUpdateSetup.exe
2013-09-10 17:04 - 2013-09-10 17:04 - 00393216 _____ D:\Temp\~DF50EA.tmp
2013-09-10 16:52 - 2013-09-10 16:52 - 00000904 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\Users\jls\AppData\Roaming\Malwarebytes
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-10 16:52 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-10 16:51 - 2013-09-10 16:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-09 17:54 - 2013-09-09 17:54 - 22240760 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0.1 (1).exe
2013-09-09 17:20 - 2013-09-09 17:20 - 22240760 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0.1.exe
2013-09-09 17:16 - 2013-09-09 17:17 - 22496512 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0_de.exe
2013-09-09 16:43 - 2013-09-09 16:43 - 00002137 _____ D:\Temp\AdobeSFX.log
2013-09-09 16:41 - 2013-09-09 16:41 - 01037120 _____ (Solid State Networks) C:\Users\jls\Downloads\AdobeReaderSetup.exe
2013-09-09 16:41 - 2013-09-09 16:41 - 00000591 _____ C:\Users\jls\Desktop\Die Installation von Adobe Reader Free Download fortsetzen.lnk
2013-09-09 16:41 - 2013-09-09 16:41 - 00000000 ____D D:\Temp\ish399081
2013-08-23 00:48 - 2013-08-23 00:48 - 00000000 ____D D:\Temp\{7054b159-bc18-4660-abd4-da46e6a2a0b1}
2013-08-23 00:48 - 2013-08-23 00:48 - 00000000 ____D D:\Temp\{08dde04d-eade-4a85-bffd-0ffb95f7d027}
2013-08-23 00:47 - 2013-08-23 00:47 - 00000000 ____D D:\Temp\{db4cc0c2-40e5-4451-a9f4-6ad1ea8931b2}
2013-08-15 23:50 - 2013-08-15 23:50 - 00001316 _____ D:\Temp\wmplog16.sqm
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibC526.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF7A.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF79.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF78.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF77.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib93E9.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib92CF.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib9290.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib928F.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib928E.tmp
2013-08-15 22:50 - 2013-08-15 22:50 - 00000000 ____D D:\Temp\{6315ee8b-8323-45fc-bee0-e39e949daa3d}
2013-08-15 22:50 - 2013-08-15 22:50 - 00000000 ____D D:\Temp\{000109da-a10f-4b78-96d1-8bd6cf4beb80}
==================== One Month Modified Files and Folders =======
2013-09-11 13:19 - 2013-09-11 13:18 - 00015211 _____ D:\Temp\log3
2013-09-11 13:19 - 2013-09-11 13:18 - 00007572 _____ D:\Temp\log1
2013-09-11 13:18 - 2013-09-11 13:17 - 00021016 _____ D:\Temp\frstlog
2013-09-11 13:18 - 2013-02-14 11:22 - 00003490 _____ C:\Users\jls\Default.dsk
2013-09-11 13:17 - 2013-09-11 13:17 - 00158513 _____ D:\Temp\modules00
2013-09-11 13:17 - 2013-09-11 13:17 - 00000115 _____ D:\Temp\users00
2013-09-11 13:17 - 2013-09-11 13:17 - 00000003 _____ D:\Temp\others
2013-09-11 13:16 - 2013-09-11 13:16 - 00000000 ___DC C:\FRST
2013-09-11 13:14 - 2013-09-11 13:09 - 00040960 ____T D:\Temp\~DFF55E.tmp
2013-09-11 13:11 - 2013-09-11 13:11 - 01082455 _____ (Farbar) C:\Users\jls\Downloads\FRST.exe
2013-09-11 13:10 - 2013-05-09 11:35 - 00000000 ____D D:\Temp\hsperfdata_JLS-PC$
2013-09-11 13:10 - 2013-05-09 11:15 - 00000000 ____D D:\Temp\_avast_
2013-09-11 13:09 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-11 13:09 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-11 13:07 - 2013-09-11 13:07 - 00032768 ____T D:\Temp\~DFF853.tmp
2013-09-11 13:07 - 2013-09-11 11:48 - 00040960 ____T D:\Temp\~DF88FB.tmp
2013-09-11 13:04 - 2013-09-11 13:04 - 00024576 ____T D:\Temp\~DFD39E.tmp
2013-09-11 13:03 - 2013-09-11 13:02 - 00024576 ____T D:\Temp\~DFE6E4.tmp
2013-09-11 13:02 - 2013-09-11 11:48 - 00024576 ____T D:\Temp\~DF8426.tmp
2013-09-11 12:54 - 2013-03-19 15:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-11 12:52 - 2013-09-11 12:00 - 00016384 ____T D:\Temp\~DF576A.tmp
2013-09-11 11:59 - 2013-09-11 11:59 - 00024576 ____T D:\Temp\~DF6896.tmp
2013-09-11 11:48 - 2013-09-11 11:48 - 00016384 ____T D:\Temp\~DF8C36.tmp
2013-09-11 11:47 - 2013-09-11 11:47 - 00016384 ____T D:\Temp\~DF6E34.tmp
2013-09-11 11:46 - 2013-02-15 10:43 - 00031832 _____ D:\Temp\jls.bmp
2013-09-11 11:29 - 2013-09-11 11:29 - 00040960 ____T D:\Temp\~DFA980.tmp
2013-09-11 11:29 - 2013-09-11 11:29 - 00016384 ____T D:\Temp\~DF5688.tmp
2013-09-11 11:28 - 2013-09-11 11:28 - 00016384 ____T D:\Temp\~DFF004.tmp
2013-09-11 11:28 - 2013-09-11 11:28 - 00016384 ____T D:\Temp\~DFE83B.tmp
2013-09-11 11:27 - 2013-09-11 11:27 - 00001680 _____ D:\Temp\wmplog19.sqm
2013-09-11 11:26 - 2013-09-11 11:26 - 00001416 _____ D:\Temp\wmplog18.sqm
2013-09-11 11:26 - 2013-09-11 11:26 - 00001416 _____ D:\Temp\wmplog17.sqm
2013-09-11 11:23 - 2006-11-02 12:33 - 05158114 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 11:22 - 2013-09-11 11:22 - 00000000 ____T D:\Temp\JETD548.tmp
2013-09-11 11:18 - 2013-09-11 11:18 - 00000000 ____D D:\Temp\svfan.tmp
2013-09-11 11:18 - 2013-02-15 10:44 - 00000000 ____D D:\Temp\Acrobat Distiller 9
2013-09-11 11:17 - 2013-09-11 11:17 - 00000000 ____D D:\Temp\WPDNSE
2013-09-11 11:17 - 2013-07-21 15:13 - 00000382 _____ C:\Windows\Tasks\Final Media Player Update Checker.job
2013-09-11 11:17 - 2013-02-15 16:35 - 00000000 ____D D:\Temp\eDatasecurity
2013-09-11 11:17 - 2013-02-15 10:44 - 00123923 _____ D:\Temp\AdobeARM.log
2013-09-11 11:16 - 2013-09-11 11:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-09-11 11:15 - 2013-09-11 11:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-09-11 11:14 - 2013-09-11 11:13 - 00000000 ____D C:\Users\Administrator
2013-09-11 11:13 - 2013-09-11 11:13 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2013-09-11 11:13 - 2013-09-11 11:13 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib14FA.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib11ED.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1076.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1075.tmp
2013-09-11 11:01 - 2013-09-11 11:01 - 00000000 _____ D:\Temp\ib1074.tmp
2013-09-11 11:01 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-11 10:59 - 2006-11-02 15:01 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 09:11 - 2010-10-17 12:27 - 00000000 ____D C:\Program Files\GTS
2013-09-11 09:03 - 2013-09-11 09:03 - 00635072 _____ D:\Temp\SoftwareUpdateSetup.exe
2013-09-11 07:37 - 2009-09-02 08:49 - 00000000 ___HD C:\Users\jls\Desktop\consors
2013-09-11 07:30 - 2006-11-02 13:18 - 00000000 ___HD C:\Windows\tracing
2013-09-11 07:29 - 2007-08-20 18:04 - 00529482 _____ C:\Windows\PFRO.log
2013-09-11 07:28 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Web
2013-09-11 07:02 - 2013-02-15 05:45 - 00182130 _____ D:\Temp\MpCmdRun.log
2013-09-11 07:02 - 2013-02-15 05:45 - 00000000 ____D D:\Temp\MPTelemetrySubmit
2013-09-11 07:02 - 2007-08-20 18:06 - 01941803 _____ C:\Windows\WindowsUpdate.log
2013-09-10 19:02 - 2009-02-10 21:52 - 00000000 ___HD C:\Users\jls\Documents\Meine Scans
2013-09-10 17:33 - 2008-02-20 14:18 - 00000000 ___HD C:\Users\jls\Documents\FA
2013-09-10 17:04 - 2013-09-10 17:04 - 00393216 _____ D:\Temp\~DF50EA.tmp
2013-09-10 16:52 - 2013-09-10 16:52 - 00000904 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\Users\jls\AppData\Roaming\Malwarebytes
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-10 16:52 - 2013-09-10 16:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-10 16:51 - 2013-09-10 16:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-10 15:23 - 2013-07-21 15:13 - 00000000 ____D C:\Program Files\File Type Assistant
2013-09-10 05:23 - 2008-05-04 12:12 - 00000000 ___HD C:\Users\jls\AppData\Roaming\Skype
2013-09-09 17:54 - 2013-09-09 17:54 - 22240760 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0.1 (1).exe
2013-09-09 17:23 - 2013-05-09 12:53 - 00006803 _____ D:\Temp\JavaDeployReg.log
2013-09-09 17:20 - 2013-09-09 17:20 - 22240760 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0.1.exe
2013-09-09 17:17 - 2013-09-09 17:16 - 22496512 _____ (Mozilla) C:\Users\jls\Downloads\Firefox Setup 23.0_de.exe
2013-09-09 16:43 - 2013-09-09 16:43 - 00002137 _____ D:\Temp\AdobeSFX.log
2013-09-09 16:41 - 2013-09-09 16:41 - 01037120 _____ (Solid State Networks) C:\Users\jls\Downloads\AdobeReaderSetup.exe
2013-09-09 16:41 - 2013-09-09 16:41 - 00000591 _____ C:\Users\jls\Desktop\Die Installation von Adobe Reader Free Download fortsetzen.lnk
2013-09-09 16:41 - 2013-09-09 16:41 - 00000000 ____D D:\Temp\ish399081
2013-09-09 16:41 - 2013-07-22 15:24 - 00000000 ____D D:\Temp\is1852162411
2013-09-08 13:16 - 2013-02-21 18:34 - 00000000 ____D C:\Users\jls\Desktop\x
2013-09-08 13:16 - 2013-02-17 20:13 - 00001914 _____ D:\Temp\repos.paint
2013-09-08 13:14 - 2008-03-01 12:02 - 00000000 ___HD C:\Users\jls\Documents\KORRESPONDENZ
2013-08-23 00:48 - 2013-08-23 00:48 - 00000000 ____D D:\Temp\{7054b159-bc18-4660-abd4-da46e6a2a0b1}
2013-08-23 00:48 - 2013-08-23 00:48 - 00000000 ____D D:\Temp\{08dde04d-eade-4a85-bffd-0ffb95f7d027}
2013-08-23 00:47 - 2013-08-23 00:47 - 00000000 ____D D:\Temp\{db4cc0c2-40e5-4451-a9f4-6ad1ea8931b2}
2013-08-16 08:10 - 2013-07-22 08:12 - 00000000 ____D C:\Users\jls\AppData\Roaming\FinalMediaPlayer
2013-08-16 08:10 - 2013-07-20 13:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 08:10 - 2013-07-09 16:44 - 00000000 ____D C:\Users\jls\Desktop\NEUFIBU
2013-08-16 08:10 - 2012-05-03 07:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-16 08:10 - 2009-10-30 22:10 - 00000000 ___HD C:\Users\jls\Downloads\iAresContact
2013-08-16 08:10 - 2008-01-14 16:20 - 00000000 ___HD C:\Users\jls
2013-08-16 08:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2013-08-16 08:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-08-16 08:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2013-08-16 08:10 - 2006-11-02 12:22 - 50855936 _____ C:\Windows\system32\config\software_previous
2013-08-16 08:10 - 2006-11-02 12:22 - 27262976 _____ C:\Windows\system32\config\system_previous
2013-08-16 08:02 - 2006-11-02 12:22 - 43778048 _____ C:\Windows\system32\config\components_previous
2013-08-16 08:02 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-08-15 23:50 - 2013-08-15 23:50 - 00001316 _____ D:\Temp\wmplog16.sqm
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibC526.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF7A.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF79.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF78.tmp
2013-08-15 23:49 - 2013-08-15 23:49 - 00000000 _____ D:\Temp\ibBF77.tmp
2013-08-15 23:39 - 2013-03-29 16:28 - 00007087 _____ C:\Windows\setupact.log
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib93E9.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib92CF.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib9290.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib928F.tmp
2013-08-15 23:32 - 2013-08-15 23:32 - 00000000 _____ D:\Temp\ib928E.tmp
2013-08-15 22:57 - 2009-04-02 10:56 - 00000000 ____D C:\Users\jls\Desktop\WERBUNG
2013-08-15 22:50 - 2013-08-15 22:50 - 00000000 ____D D:\Temp\{6315ee8b-8323-45fc-bee0-e39e949daa3d}
2013-08-15 22:50 - 2013-08-15 22:50 - 00000000 ____D D:\Temp\{000109da-a10f-4b78-96d1-8bd6cf4beb80}
2013-08-15 22:35 - 2013-07-20 16:55 - 00008561 _____ D:\Temp\nsemail-3.eml
2013-08-15 22:35 - 2013-05-30 16:18 - 00000881 _____ D:\Temp\nsemail-2.eml
2013-08-15 22:35 - 2013-05-14 15:29 - 02196853 _____ D:\Temp\nsemail-1.eml
2013-08-15 22:13 - 2013-05-09 11:15 - 00001827 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-15 22:13 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
ZeroAccess:
C:\Windows\Installer\{b1bbcc10-2988-685d-2df9-5b0bb1a171d9}
C:\Windows\Installer\{b1bbcc10-2988-685d-2df9-5b0bb1a171d9}\@
ZeroAccess:
C:\Users\jls\AppData\Local\{b1bbcc10-2988-685d-2df9-5b0bb1a171d9}
C:\Users\jls\AppData\Local\{b1bbcc10-2988-685d-2df9-5b0bb1a171d9}\@
C:\ProgramData\Konz2012.exe
C:\Users\jls\RegistryW.exe
C:\Users\Administrator\AppData\Local\Temp\RtkBtMnt.exe
D:\Temp\Mozilla ThunderbirdUpdateSetup.exe
D:\Temp\RtkBtMnt.exe
D:\Temp\SkypeSetup.exe
D:\Temp\SoftwareUpdateSetup.exe
D:\Temp\ThunderbirdUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-11 11:18
==================== End Of Log ============================
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:69.77 GB) (Free:3.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:64.22 GB) (Free:48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 623F07CA)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=70 GB) - (Type=06)
Partition 3: (Not Active) - (Size=64 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=OF Extended)
==================== End Of Log ============================