| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Webseiten werden auf Werbung umgeleitet und Rechner langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.11.2013, 14:28
| #1 |
| |  Windows 7: Webseiten werden auf Werbung umgeleitet und Rechner langsam Hallo, ich habe seit einigen Wochen das Problem, dass ich immer wieder Pop Ups von "Ad Server Plus" erhalte. Zwar habe ich meinen Firefox Browser zurück gesetzt und die Pop Up Werbungen erscheinen nicht mehr. Jedoch ist mein Rechner weiterhin sehr langsam. ich möchte gerne meinen Laptop bereinigen und mich zudem für die Zukunft sicherer und besser aufstellen. Schätzungsweise habe ich mir die Suppe durch Anschauen von Werbe-Videos eingebrockt. Die Videos brachten mir Münzen/Token für ein Online Fußball Manager Spiel (Top Eleven) ein. Eine, wohl höhere, Wahrscheinlichkeit liegt darin, dass ich sogar andere Spiele herunter geladen habe. Wenn ich diese Spiele anfing zu zocken, habe ich ebenfalls Münzen erhalten. Gibt es eine Möglichkeit, dass ich die Videos künftig anschauen bzw. Spiele herunterladen kann, ohne mir etwas einzufangen? Oder habe ich die Malware gar nicht durch das Video schauen oder die Downloads? Der "Defogger" funktionierte irgendwie nicht. Ich habe die Software herunter geladen. jedoch konnte ich nach dem Start der Software nur "Disable" oder "Re-enable" anklicken. Egal, welches Fenster ich anklickte, konnte ich auf "Continue" klicken, so dass dann "Finished!" kam, welches durch den "OK" Button zu bestätigen war. Infos zu meinem Laptop: Hersteller: HP Modell: HP Pavilion dv7 Notebook PC Windows 7 Home Premium Systemtyp: 64 Bit Für Rückfragen stehe ich gerne zur Verfügung. Ich freue mich über Eure Hilfe! Nachstehend alle mir zur Verfügung stehenden Texte/Auswertungen/Funde (GMER Infos siehe im Anhang): FRST TXT Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013 Ran by themonument (administrator) on THEMONUMENT-HP on 21-11-2013 11:11:09 Running from C:\Users\themonument\Downloads Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\AAVUpdateManager\aavus.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Intel Corporation) C:\Windows\system32\hkcmd.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Dropbox, Inc.) C:\Users\themonument\AppData\Roaming\Dropbox\bin\Dropbox.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (DonationCoder) C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe (Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe () C:\Users\themonument\Downloads\gmer_2.1.19163.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-28] (Synaptics Incorporated) HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] () HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-05] (Hewlett-Packard) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] () HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company) HKCU\...\Run: [SSync] - C:\Users\themonument\AppData\Roaming\SSync\SSync.exe [36864 2013-04-09] () HKCU\...\Run: [DataMgr] - C:\Users\themonument\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.) HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.) HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe HKCU\...\Run: [SCheck] - C:\Users\themonument\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-09] () HKCU\...\Run: [Snoozer] - C:\Users\themonument\AppData\Roaming\Snz\Snz.exe [1226843 2013-10-10] () HKCU\...\Run: [Intermediate] - C:\Users\themonument\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-09] () HKCU\...\Run: [OMESupervisor] - C:\Users\themonument\AppData\Local\omesuperv.exe [2220366 2013-10-10] () MountPoints2: {b2e916d4-81ec-11e0-9f80-806e6f6e6963} - E:\start.exe /auto HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-06-02] (EasyBits Software AS) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.) HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] () HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] () HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company) HKU\Gast\...\Run: [SSync] - C:\Users\themonument\AppData\Roaming\SSync\SSync.exe [36864 2013-04-09] () HKU\Gast\...\Run: [DataMgr] - C:\Users\themonument\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKU\Gast\...\Run: [SCheck] - C:\Users\themonument\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-09] () HKU\Gast\...\Run: [Snoozer] - C:\Users\themonument\AppData\Roaming\Snz\Snz.exe [1226843 2013-10-10] () HKU\Gast\...\Run: [Intermediate] - C:\Users\themonument\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-09] () HKU\Gast\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.) HKU\Gast\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.) HKU\Gast\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe AppInit_DLLs: C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetyldr.dll [22536 2013-09-25] () AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll c:\progra~3\wincert\win32c~1.dll [7168 2013-09-22] () Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\themonument\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) Startup: C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll [485384 2013-09-25] () HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll [657928 2013-09-25] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {72A31713-C0D3-43AA-B4DC-90F320C07F35} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM - {0FA206D8-4C2E-44F1-803C-2F7EA238B7F0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {2A3CF4CF-B57E-4102-9B40-0D182E68B4E4} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=n9397-126&apn_uid=6146202344444283&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {72A31713-C0D3-43AA-B4DC-90F320C07F35} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 - {0FA206D8-4C2E-44F1-803C-2F7EA238B7F0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {2A3CF4CF-B57E-4102-9B40-0D182E68B4E4} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=n9397-126&apn_uid=6146202344444283&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms} SearchScopes: HKCU - {0FA206D8-4C2E-44F1-803C-2F7EA238B7F0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {2A3CF4CF-B57E-4102-9B40-0D182E68B4E4} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=n9397-126&apn_uid=6146202344444283&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms} BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll () BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll () Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2010-07-21] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194 FireFox: ======== FF ProfilePath: C:\Users\themonument\AppData\Roaming\Mozilla\Firefox\Profiles\7hthov0m.default-1384853009079 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: om - C:\Users\themonument\AppData\Roaming\Mozilla\Firefox\Profiles\7hthov0m.default-1384853009079\Extensions\om@offermosquito.com.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt Chrome: ======= CHR Extension: (Movies Toolbar) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic\21.56058_0 CHR Extension: (Google Docs) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (OfferMosquito) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.8_0 CHR Extension: (AdBlock) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\THEMON~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\themonument\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx ==================== Services (Whitelisted) ================= R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG) R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3419144 2013-09-25] (SafetyNut Inc.) R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-12] (Avira Operations GmbH & Co. KG) U3 fxlcypod; \??\C:\Users\THEMON~1\AppData\Local\Temp\fxlcypod.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-21 11:12 - 2013-11-21 11:12 - 00050477 _____ C:\Users\themonument\Downloads\Defogger.exe 2013-11-21 11:11 - 2013-11-21 11:12 - 00026505 _____ C:\Users\themonument\Downloads\FRST.txt 2013-11-21 11:10 - 2013-11-21 11:10 - 00377856 _____ C:\Users\themonument\Downloads\gmer_2.1.19163.exe 2013-11-21 11:10 - 2013-11-21 11:10 - 00000000 ____D C:\FRST 2013-11-21 11:09 - 2013-11-21 11:10 - 01957964 _____ (Farbar) C:\Users\themonument\Downloads\FRST64.exe 2013-11-21 10:59 - 2013-11-21 10:59 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(3).exe 2013-11-21 10:51 - 2013-11-21 10:51 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(2).exe 2013-11-21 10:51 - 2013-11-21 10:51 - 00001204 _____ C:\Users\Gast\Desktop\Continue Zip Extractor Installation.lnk 2013-11-21 10:51 - 2013-11-21 10:51 - 00001174 _____ C:\Users\themonument\Desktop\Continue Zip Extractor Installation.lnk 2013-11-21 10:46 - 2013-11-21 10:46 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(1).exe 2013-11-21 10:24 - 2013-11-21 10:24 - 00004050 _____ C:\Windows\System32\Tasks\LaunchApp 2013-11-21 10:23 - 2013-11-21 10:23 - 00001653 _____ C:\Users\themonument\Desktop\Sync Folder.lnk 2013-11-21 10:23 - 2013-11-21 10:23 - 00000000 ____D C:\Users\themonument\SyncFolder 2013-11-21 10:16 - 2013-11-21 10:16 - 105483598 _____ C:\Windows\SysWOW64\칿䟛 2013-11-20 19:22 - 2013-11-21 10:24 - 00000000 ____D C:\Program Files (x86)\MyPC Backup 2013-11-20 19:22 - 2013-11-20 19:22 - 00001091 _____ C:\Users\themonument\Desktop\MyPC Backup.lnk 2013-11-20 19:22 - 2013-11-20 19:22 - 00000000 ____D C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2013-11-20 19:21 - 2013-11-20 19:21 - 00001114 _____ C:\Users\Public\Desktop\Open It!.lnk 2013-11-20 19:21 - 2013-11-20 19:21 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-11-20 19:21 - 2013-11-20 19:21 - 00000000 ____D C:\Program Files (x86)\metaCrawler 2013-11-20 19:19 - 2013-11-20 19:20 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup.exe 2013-11-19 16:11 - 2013-11-19 16:12 - 00000000 ____D C:\Users\themonument\Documents\Steuererklärung 2012 2013-11-19 15:46 - 2013-11-19 15:46 - 00000000 ____D C:\Windows\SysWOW64\Visagesoft 2013-11-19 15:46 - 2013-11-19 15:46 - 00000000 ____D C:\Windows\SysWOW64\AIM 2013-11-19 15:46 - 2003-12-04 15:58 - 00000696 _____ C:\Windows\SysWOW64\jetodbc.rsp 2013-11-19 15:46 - 2002-12-11 19:12 - 00760968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSDMOD.DLL 2013-11-19 15:46 - 2002-12-11 19:12 - 00316040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DMOD.DLL 2013-11-19 15:46 - 2002-12-11 19:10 - 00816264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDMOD.DLL 2013-11-19 15:46 - 2002-12-11 17:34 - 00241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DMOD.DLL 2013-11-19 15:46 - 2002-12-11 15:16 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDMOD.DLL 2013-11-19 15:46 - 2002-08-29 03:43 - 00278559 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMV8DS32.AX 2013-11-19 15:46 - 2002-08-29 03:43 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDS32.AX 2013-11-19 15:46 - 2002-08-29 03:43 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSADDS32.AX 2013-11-19 15:46 - 2002-04-29 19:47 - 00121160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscal.ocx 2013-11-19 15:46 - 2000-06-13 00:00 - 01046288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJET35.DLL 2013-11-19 15:46 - 2000-06-13 00:00 - 00415504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSREPL35.DLL 2013-11-19 15:46 - 1999-03-05 22:15 - 00074000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrclr40.dll 2013-11-19 15:46 - 1999-03-05 22:15 - 00028944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrecr40.dll 2013-11-19 15:46 - 1998-04-24 00:00 - 00368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAR332.DLL 2013-11-19 15:46 - 1998-04-24 00:00 - 00148240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL 2013-11-19 15:46 - 1997-07-01 10:45 - 00250128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSEXCL35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00330000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSEXCH35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00287504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSXBSE35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2X35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00250128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPDOX35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00166160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSLTUS35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00165648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSTEXT35.DLL 2013-11-19 15:46 - 1997-06-23 09:06 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL 2013-11-19 15:45 - 2013-11-19 15:52 - 00000000 ____D C:\Users\themonument\AppData\Local\Buhl 2013-11-19 15:45 - 2013-11-19 15:45 - 00002061 _____ C:\Users\Public\Desktop\KONZ-Steuer-2013.lnk 2013-11-19 15:45 - 2013-11-19 15:45 - 00001925 _____ C:\Users\Public\Desktop\Steuer 2012.lnk 2013-11-19 15:45 - 2013-11-19 15:45 - 00000066 _____ C:\Windows\wiso.ini 2013-11-19 15:45 - 2013-11-19 15:45 - 00000000 ____D C:\Program Files (x86)\USM 2013-11-19 15:38 - 2013-11-19 15:40 - 00000000 ____D C:\Program Files (x86)\Steuer 2012 2013-11-19 15:37 - 2013-11-19 15:53 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH 2013-11-19 11:21 - 2013-11-19 12:00 - 00000000 ____D C:\Users\themonument\Documents\Wiesn 2014 2013-11-16 15:04 - 2013-11-16 15:26 - 00000000 ____D C:\Users\themonument\Desktop\Thailand 2013 Best of 2013-11-14 17:54 - 2013-11-16 14:46 - 00000000 ____D C:\Users\themonument\Desktop\Thailand 2013 2013-11-14 14:43 - 2013-11-14 14:49 - 00000000 ____D C:\Users\themonument\Desktop\Thailand Caros Bilder 2013-10-22 11:15 - 2013-11-14 12:48 - 00000000 ____D C:\Program Files\McAfee Security Scan ==================== One Month Modified Files and Folders ======= 2013-11-21 11:12 - 2013-11-21 11:12 - 00050477 _____ C:\Users\themonument\Downloads\Defogger.exe 2013-11-21 11:12 - 2013-11-21 11:11 - 00026505 _____ C:\Users\themonument\Downloads\FRST.txt 2013-11-21 11:12 - 2013-10-05 14:00 - 00000000 ____D C:\ProgramData\SafetyNut 2013-11-21 11:10 - 2013-11-21 11:10 - 00377856 _____ C:\Users\themonument\Downloads\gmer_2.1.19163.exe 2013-11-21 11:10 - 2013-11-21 11:10 - 00000000 ____D C:\FRST 2013-11-21 11:10 - 2013-11-21 11:09 - 01957964 _____ (Farbar) C:\Users\themonument\Downloads\FRST64.exe 2013-11-21 11:01 - 2013-07-26 09:17 - 00000000 ____D C:\Users\themonument\Documents\Postbank 2013-11-21 10:59 - 2013-11-21 10:59 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(3).exe 2013-11-21 10:54 - 2011-08-09 16:15 - 00000000 ____D C:\Users\themonument\AppData\Roaming\Dropbox 2013-11-21 10:53 - 2010-09-16 00:49 - 01937642 _____ C:\Windows\WindowsUpdate.log 2013-11-21 10:51 - 2013-11-21 10:51 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(2).exe 2013-11-21 10:51 - 2013-11-21 10:51 - 00001204 _____ C:\Users\Gast\Desktop\Continue Zip Extractor Installation.lnk 2013-11-21 10:51 - 2013-11-21 10:51 - 00001174 _____ C:\Users\themonument\Desktop\Continue Zip Extractor Installation.lnk 2013-11-21 10:46 - 2013-11-21 10:46 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup(1).exe 2013-11-21 10:42 - 2013-08-01 08:10 - 00000058 _____ C:\Users\themonument\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2013-11-21 10:24 - 2013-11-21 10:24 - 00004050 _____ C:\Windows\System32\Tasks\LaunchApp 2013-11-21 10:24 - 2013-11-20 19:22 - 00000000 ____D C:\Program Files (x86)\MyPC Backup 2013-11-21 10:24 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-21 10:24 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-21 10:23 - 2013-11-21 10:23 - 00001653 _____ C:\Users\themonument\Desktop\Sync Folder.lnk 2013-11-21 10:23 - 2013-11-21 10:23 - 00000000 ____D C:\Users\themonument\SyncFolder 2013-11-21 10:23 - 2011-05-19 19:00 - 00000000 ____D C:\Users\themonument 2013-11-21 10:23 - 2010-07-21 18:34 - 00700134 _____ C:\Windows\system32\perfh007.dat 2013-11-21 10:23 - 2010-07-21 18:34 - 00149984 _____ C:\Windows\system32\perfc007.dat 2013-11-21 10:23 - 2009-07-14 06:13 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-21 10:22 - 2013-09-20 07:12 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-21 10:19 - 2011-08-09 16:16 - 00000000 ___RD C:\Users\themonument\Dropbox 2013-11-21 10:16 - 2013-11-21 10:16 - 105483598 _____ C:\Windows\SysWOW64\칿䟛 2013-11-21 10:15 - 2013-09-20 07:12 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-21 10:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-21 10:15 - 2009-07-14 05:51 - 00138253 _____ C:\Windows\setupact.log 2013-11-20 19:22 - 2013-11-20 19:22 - 00001091 _____ C:\Users\themonument\Desktop\MyPC Backup.lnk 2013-11-20 19:22 - 2013-11-20 19:22 - 00000000 ____D C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2013-11-20 19:22 - 2011-05-19 19:07 - 00000000 ___RD C:\Users\themonument\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-20 19:21 - 2013-11-20 19:21 - 00001114 _____ C:\Users\Public\Desktop\Open It!.lnk 2013-11-20 19:21 - 2013-11-20 19:21 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-11-20 19:21 - 2013-11-20 19:21 - 00000000 ____D C:\Program Files (x86)\metaCrawler 2013-11-20 19:20 - 2013-11-20 19:19 - 00680560 _____ C:\Users\themonument\Downloads\ZipExtractorSetup.exe 2013-11-20 19:18 - 2011-05-22 17:21 - 00000000 ____D C:\Users\themonument\AppData\Local\CrashDumps 2013-11-20 18:11 - 2012-08-10 16:36 - 00000000 ____D C:\Users\themonument\AppData\Roaming\Skype 2013-11-20 18:11 - 2012-08-10 16:35 - 00000000 ____D C:\ProgramData\Skype 2013-11-19 16:12 - 2013-11-19 16:11 - 00000000 ____D C:\Users\themonument\Documents\Steuererklärung 2012 2013-11-19 15:53 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH 2013-11-19 15:52 - 2013-11-19 15:45 - 00000000 ____D C:\Users\themonument\AppData\Local\Buhl 2013-11-19 15:46 - 2013-11-19 15:46 - 00000000 ____D C:\Windows\SysWOW64\Visagesoft 2013-11-19 15:46 - 2013-11-19 15:46 - 00000000 ____D C:\Windows\SysWOW64\AIM 2013-11-19 15:46 - 2010-07-21 09:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2013-11-19 15:46 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-11-19 15:45 - 2013-11-19 15:45 - 00002061 _____ C:\Users\Public\Desktop\KONZ-Steuer-2013.lnk 2013-11-19 15:45 - 2013-11-19 15:45 - 00001925 _____ C:\Users\Public\Desktop\Steuer 2012.lnk 2013-11-19 15:45 - 2013-11-19 15:45 - 00000066 _____ C:\Windows\wiso.ini 2013-11-19 15:45 - 2013-11-19 15:45 - 00000000 ____D C:\Program Files (x86)\USM 2013-11-19 15:45 - 2010-07-21 09:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-19 15:40 - 2013-11-19 15:38 - 00000000 ____D C:\Program Files (x86)\Steuer 2012 2013-11-19 12:44 - 2013-07-31 13:35 - 00000000 ____D C:\Users\themonument\Documents\Anschreiben 2013-11-19 12:00 - 2013-11-19 11:21 - 00000000 ____D C:\Users\themonument\Documents\Wiesn 2014 2013-11-19 10:30 - 2013-03-09 18:48 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0 2013-11-19 10:23 - 2013-10-13 11:53 - 00000000 ____D C:\Users\themonument\Desktop\Alte Firefox-Daten 2013-11-19 10:16 - 2013-07-25 18:12 - 00000000 ____D C:\Users\themonument\Documents\DKB 2013-11-19 09:45 - 2013-08-19 08:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-19 09:33 - 2013-02-22 17:19 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForthemonument 2013-11-19 09:33 - 2013-02-22 17:19 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForthemonument.job 2013-11-18 07:34 - 2011-11-23 22:12 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-11-18 07:34 - 2011-05-22 16:59 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2013-11-18 07:29 - 2013-08-26 10:47 - 00000000 ____D C:\Users\themonument\Documents\Versicherungen 2013-11-18 07:22 - 2010-09-16 00:54 - 00319906 _____ C:\Windows\PFRO.log 2013-11-16 17:14 - 2012-08-01 14:39 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-16 17:14 - 2009-07-14 03:34 - 00000513 _____ C:\Windows\win.ini 2013-11-16 15:26 - 2013-11-16 15:04 - 00000000 ____D C:\Users\themonument\Desktop\Thailand 2013 Best of 2013-11-16 14:46 - 2013-11-14 17:54 - 00000000 ____D C:\Users\themonument\Desktop\Thailand 2013 2013-11-14 20:32 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-11-14 18:24 - 2013-08-14 18:46 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 18:22 - 2011-06-18 11:41 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-14 14:49 - 2013-11-14 14:43 - 00000000 ____D C:\Users\themonument\Desktop\Thailand Caros Bilder 2013-11-14 12:50 - 2011-06-22 18:41 - 00000000 ____D C:\Users\themonument\AppData\Roaming\HpUpdate 2013-11-14 12:48 - 2013-10-22 11:15 - 00000000 ____D C:\Program Files\McAfee Security Scan 2013-11-14 12:48 - 2013-02-22 17:12 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2013-10-25 11:04 - 2013-07-26 09:51 - 00000000 ____D C:\Users\themonument\Documents\Wohnung Provinopark 2013-10-24 13:51 - 2013-08-04 18:22 - 00000000 ____D C:\Users\themonument\Documents\Urlaub Thailand 2013 2013-10-22 18:36 - 2013-10-21 12:42 - 00000000 ____D C:\Users\themonument\Documents\Tattoo 2013-10-22 09:06 - 2013-07-24 09:49 - 00000000 ____D C:\Users\themonument\Documents\Privat Files to move or delete: ==================== C:\Users\themonument\setup.exe Some content of TEMP: ==================== C:\Users\themonument\AppData\Local\Temp\701.3619295693371_Update.exe C:\Users\themonument\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe C:\Users\themonument\AppData\Local\Temp\appshat-distribution.exe C:\Users\themonument\AppData\Local\Temp\AskSLib.dll C:\Users\themonument\AppData\Local\Temp\AutoRun.exe C:\Users\themonument\AppData\Local\Temp\AutoRunGUI.dll C:\Users\themonument\AppData\Local\Temp\BabylonTB.exe C:\Users\themonument\AppData\Local\Temp\BackupSetup.exe C:\Users\themonument\AppData\Local\Temp\bi_cleaner.exe C:\Users\themonument\AppData\Local\Temp\eauninstall.exe C:\Users\themonument\AppData\Local\Temp\Extract.exe C:\Users\themonument\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\themonument\AppData\Local\Temp\HPHelpUpdater.exe C:\Users\themonument\AppData\Local\Temp\HPQSi.exe C:\Users\themonument\AppData\Local\Temp\ICReinstall_ZipExtractorSetup(2).exe C:\Users\themonument\AppData\Local\Temp\IminentSetup.exe C:\Users\themonument\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\themonument\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\themonument\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\themonument\AppData\Local\Temp\MoviesToolbarSetup_Somoto29_9_13.exe C:\Users\themonument\AppData\Local\Temp\NEventMessages.dll C:\Users\themonument\AppData\Local\Temp\NOSEventMessages.dll C:\Users\themonument\AppData\Local\Temp\OptimizerPro.exe C:\Users\themonument\AppData\Local\Temp\PDFCreator-1_3_2_setup.exe C:\Users\themonument\AppData\Local\Temp\PixelPlanetpdrv7.dll C:\Users\themonument\AppData\Local\Temp\PixelPlanetpdui7.dll C:\Users\themonument\AppData\Local\Temp\Resource.exe C:\Users\themonument\AppData\Local\Temp\SHSetup.exe C:\Users\themonument\AppData\Local\Temp\SimCity 4 Deluxe_uninst.exe C:\Users\themonument\AppData\Local\Temp\SkypeSetup.exe C:\Users\themonument\AppData\Local\Temp\SP52093.exe C:\Users\themonument\AppData\Local\Temp\sp52110.exe.exe C:\Users\themonument\AppData\Local\Temp\SP52264.exe C:\Users\themonument\AppData\Local\Temp\SP52407.exe C:\Users\themonument\AppData\Local\Temp\SP52509.exe C:\Users\themonument\AppData\Local\Temp\SP52615.exe C:\Users\themonument\AppData\Local\Temp\SP53546.exe C:\Users\themonument\AppData\Local\Temp\SP53794.exe C:\Users\themonument\AppData\Local\Temp\sp54373.exe C:\Users\themonument\AppData\Local\Temp\sp54620.exe C:\Users\themonument\AppData\Local\Temp\SP54714.exe C:\Users\themonument\AppData\Local\Temp\SP56215.exe C:\Users\themonument\AppData\Local\Temp\SP56878.exe C:\Users\themonument\AppData\Local\Temp\SP56929.exe C:\Users\themonument\AppData\Local\Temp\SP57232.exe C:\Users\themonument\AppData\Local\Temp\sp58915.exe C:\Users\themonument\AppData\Local\Temp\UninstallHPSA.exe C:\Users\themonument\AppData\Local\Temp\UninstallHPTCA.exe C:\Users\themonument\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\themonument\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-20 15:01 ==================== End Of Log ============================ Addition txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013 Ran by themonument at 2013-11-21 11:13:23 Running from C:\Users\themonument\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.8) AAVUpdateManager (x32 Version: 12.00.0000) Acrobat.com (x32 Version: 1.6.65) Adobe AIR (x32 Version: 1.5.0.7220) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5) Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) ATI Catalyst Install Manager (Version: 3.0.778.0) AVAFX (remove only) (x32) Avira Free Antivirus (x32 Version: 13.0.0.4052) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bonjour (Version: 3.0.0.10) bpd_scan (x32 Version: 3.00.0000) Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0621.2137.36973) Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0621.2137.36973) Catalyst Control Center InstallProxy (x32 Version: 2010.0621.2137.36973) Catalyst Control Center Localization All (x32 Version: 2010.0621.2137.36973) CCC Help Chinese Standard (x32 Version: 2010.0621.2136.36973) CCC Help Chinese Traditional (x32 Version: 2010.0621.2136.36973) CCC Help Czech (x32 Version: 2010.0621.2136.36973) CCC Help Danish (x32 Version: 2010.0621.2136.36973) CCC Help Dutch (x32 Version: 2010.0621.2136.36973) CCC Help English (x32 Version: 2010.0621.2136.36973) CCC Help Finnish (x32 Version: 2010.0621.2136.36973) CCC Help French (x32 Version: 2010.0621.2136.36973) CCC Help German (x32 Version: 2010.0621.2136.36973) CCC Help Greek (x32 Version: 2010.0621.2136.36973) CCC Help Hungarian (x32 Version: 2010.0621.2136.36973) CCC Help Italian (x32 Version: 2010.0621.2136.36973) CCC Help Japanese (x32 Version: 2010.0621.2136.36973) CCC Help Korean (x32 Version: 2010.0621.2136.36973) CCC Help Norwegian (x32 Version: 2010.0621.2136.36973) CCC Help Polish (x32 Version: 2010.0621.2136.36973) CCC Help Portuguese (x32 Version: 2010.0621.2136.36973) CCC Help Russian (x32 Version: 2010.0621.2136.36973) CCC Help Spanish (x32 Version: 2010.0621.2136.36973) CCC Help Swedish (x32 Version: 2010.0621.2136.36973) CCC Help Thai (x32 Version: 2010.0621.2136.36973) CCC Help Turkish (x32 Version: 2010.0621.2136.36973) ccc-core-static (x32 Version: 2010.0621.2137.36973) ccc-utility64 (Version: 2010.0621.2137.36973) Chuzzle Deluxe (x32 Version: 2.2.0.95) Contents (x32 Version: 1.6.0.286) Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000) Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.116) Corel VideoStudio Pro X3 (x32 Version: 1.6.0.286) CyberLink DVD Suite (x32 Version: 7.0.3003) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) DeviceIO (x32 Version: 1.6.0.286) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95) Dropbox (HKCU Version: 2.4.2) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121) Energy Star Digital Logo (x32 Version: 1.0.1) ESU for Microsoft Windows 7 (x32 Version: 1.0.0) FATE (x32 Version: 2.2.0.95) Google Update Helper (x32 Version: 1.3.21.165) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000) HP 3D DriveGuard (Version: 4.1.16.1) HP Advisor (x32 Version: 3.4.10262.3295) HP Customer Experience Enhancements (x32 Version: 6.0.1.4) HP Documentation (x32 Version: 1.1.2.0) HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43) HP Game Console (x32) HP Games (x32 Version: 1.0.1.3) HP MediaSmart DVD (x32 Version: 4.1.4229) HP MediaSmart Movies and TV (Version: 1.0.0.10) HP MediaSmart Music (x32 Version: 4.1.4215) HP MediaSmart Photo (x32 Version: 4.1.4211) HP MediaSmart SmartMenu (Version: 3.1.1.12) HP MediaSmart Video (x32 Version: 4.1.4214) HP MediaSmart Webcam (x32 Version: 4.1.3024) HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (Version: 22.50.231.0) HP Officejet 6500 E710a-f Hilfe (x32 Version: 140.0.2.2) HP Power Manager (x32 Version: 1.4.7) HP Product Detection (x32 Version: 11.15.0009) HP Quick Launch (x32 Version: 2.7.2) HP Setup (x32 Version: 8.1.4186.3400) HP SimplePass Identity Protection (Version: 5.10.175) HP Software Framework (x32 Version: 4.5.10.1) HP Support Assistant (x32 Version: 7.0.39.15) HP Update (x32 Version: 5.003.001.001) HP Wireless Assistant (Version: 4.0.9.0) HPDiagnosticAlert (x32 Version: 1.00.0000) I.R.I.S. OCR (x32 Version: 12.3.4.0) ICA (x32 Version: 1.6.0.286) ICA (x32 Version: 1.6.1.116) iCloud (Version: 3.0.2.163) IDT Audio (x32 Version: 1.0.6292.0) Insaniquarium Deluxe (x32 Version: 2.2.0.95) Intel(R) Management Engine Components (x32 Version: 6.0.0.1179) Intel(R) Rapid Storage Technology (x32 Version: 9.6.2.1001) Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002) IPM_PSP_Pro (x32 Version: 1.00.0000) IPM_VS_Pro (x32 Version: 13.0) ISCOM (x32 Version: 1.6.0.286) ISCOM (x32 Version: 1.6.1.116) iTunes (Version: 11.1.1.11) Java Auto Updater (x32 Version: 2.0.7.1) Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200) Java(TM) 6 Update 22 (x32 Version: 6.0.220) Java(TM) 6 Update 33 (x32 Version: 6.0.330) Jewel Quest II (x32 Version: 2.2.0.95) Jewel Quest Solitaire (x32 Version: 2.2.0.95) John Deere Drive Green (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 14.0.8117.416) Konz 2013 (x32 Version: 1.00.0000) LabelPrint (x32 Version: 2.5.2907) LightScribe System Software (x32 Version: 1.18.16.1) Magic Desktop (x32) Marketsplash Schnellzugriffe (x32 Version: 1.0.1.7) McAfee Security Scan Plus (Version: 3.8.130.10) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1) Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) MSVC80_x64_v2 (Version: 1.0.3.0) MSVC80_x86_v2 (x32 Version: 1.0.3.0) MSVC90_x64 (Version: 1.0.1.2) MSVC90_x86 (x32 Version: 1.0.1.2) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MyPC Backup (Version: ) Norton Online Backup (x32 Version: 2.1.17869) Open It! (x32 Version: 1.1.1) OpenOffice.org 3.3 (x32 Version: 3.3.9567) PDF Architect (x32 Version: 1.1.83.9982) Penguins! (x32 Version: 2.2.0.95) PhotoNow! (x32 Version: 1.1.6904) Plants vs. Zombies (x32 Version: 2.2.0.95) Polar Bowler (x32 Version: 2.2.0.95) Power2Go (x32 Version: 6.1.4204) PowerDirector (x32 Version: 8.0.3003) PSPPContent (x32 Version: 1.00.0000) PSPPRO_DCRAW (x32 Version: 13.0.0) PureHD (x32 Version: 1.6.0.286) PX Profile Update (x32 Version: 1.00.1.) QuickTime (x32 Version: 7.74.80.86) Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111) Recovery Manager (x32 Version: 5.5.3023) Screenshot Captor 2.102.01 (x32) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) Setup (x32 Version: 1.6.0.286) Setup (x32 Version: 1.6.1.116) Share (x32 Version: 1.6.0.286) Share64 (Version: 1.6.0.286) Slingo Deluxe (x32 Version: 2.2.0.95) StarMoney (x32 Version: 3.0.5.8) StarMoney 8.0 (x32 Version: 8.0) Steuer 2012 (x32 Version: 20.00.8137) Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (Version: 22.50.231.0) Synaptics Pointing Device Driver (Version: 15.0.17.4) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) Validity Sensors DDK (Version: 4.1.139.0) VIO (x32 Version: 1.6.0.286) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95) VSClassic (x32 Version: 1.6.0.286) VSPro (x32 Version: 1.6.0.286) Wedding Dash (x32 Version: 2.2.0.95) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Fotogalerie (x32 Version: 14.0.8117.416) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) Windows Live Mail (x32 Version: 14.0.8117.0416) Windows Live Messenger (x32 Version: 14.0.8117.0416) Windows Live Sync (x32 Version: 14.0.8117.416) Windows Live Writer (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Encoder 9 Series (x32 Version: 9.00.2980) Windows Media Encoder 9 Series (x32) Yahoo! Detect (x32) Zuma Deluxe (x32 Version: 2.2.0.95) ==================== Restore Points ========================= 16-10-2013 17:06:54 Windows Update 22-10-2013 08:52:55 Windows Update 14-11-2013 12:03:36 Windows Update 14-11-2013 17:20:33 Windows Update 16-11-2013 16:07:48 Windows Update 19-11-2013 14:37:48 Installiert Steuer 2012 19-11-2013 14:45:32 Installiert Konz 2013 20-11-2013 17:07:24 Removed Skype™ 5.10 20-11-2013 18:22:52 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {07FAFC86-E88B-43BE-8A56-1FE6BD83488B} - System32\Tasks\HPCeeScheduleForthemonument => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {1068E9D4-8D9E-41F1-AE04-3D93BF8F959B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {14FF9F2B-F9EF-42D5-96EA-12EB98B99D60} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {2AF9AC4F-C475-4822-83AA-AB1B0F48A5EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company) Task: {2DBB57F9-E229-4D68-B767-D1C0EF35077D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {3D1B35A5-C4AE-4541-852C-94877FA56EF6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2013-09-19] (MyPCBackup.com) Task: {4E3CB1B3-8A60-41A0-B42F-40B2F7C8431B} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {6C31043F-7B51-483D-82FE-D50B4D6DEE2B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {89F26FB2-A2EB-4432-A034-C2B74D12F136} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink) Task: {95793A23-F540-47DD-A3FA-BFEA0A43DA87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {9CEB8EFA-7CA2-4018-9A01-170DB4E37F35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard) Task: {A3CD4104-B908-4A2A-BF50-5B3F1D30784D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {BDC59E61-EB5B-4DD1-8C73-7D6FC63D0579} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {D00728D0-8BA9-451E-8619-290E25DABEFA} - System32\Tasks\{37459E1B-6047-4A39-AA55-775858439E3E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain Task: {D69C4565-440C-45DE-8A6B-FF9DA4D962D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {EBC15B74-E0FD-40F7-8AF5-3DC4DA373B44} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {F0B51FDC-2246-447F-B55F-2B20937B86F5} - System32\Tasks\{1F00C4D4-DD2F-4D99-9E19-6FF2A053A882} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.321/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForthemonument.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-10-05 14:00 - 2013-09-25 06:19 - 00657928 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll 2010-06-10 16:12 - 2010-06-10 16:12 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-06-21 20:36 - 2010-06-21 20:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-06-18 15:26 - 2010-06-18 15:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-06-18 15:26 - 2010-06-18 15:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2013-09-19 23:37 - 2013-09-19 23:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll 2013-09-19 23:32 - 2013-09-19 23:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll 2013-02-24 11:05 - 2013-02-22 19:40 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-10-05 14:00 - 2013-09-25 06:19 - 00485384 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll 2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-05 14:00 - 2013-09-25 06:19 - 00018952 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll 2013-03-09 18:51 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll 2010-06-16 11:48 - 2010-06-16 11:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2010-06-16 11:48 - 2010-06-16 11:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2010-06-16 11:48 - 2010-06-16 11:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\themonument\AppData\Roaming\Dropbox\bin\libcef.dll 2011-01-17 15:19 - 2011-06-22 17:01 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2010-02-09 17:58 - 2010-02-09 17:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll 2013-08-19 08:53 - 2013-11-19 09:45 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-19 23:37 - 2013-09-19 23:37 - 03889152 _____ () C:\Program Files (x86)\MyPC Backup\MPCBIconOverlays.dll 2013-09-19 23:32 - 2013-09-19 23:32 - 00904704 _____ () C:\Program Files (x86)\MyPC Backup\x86\System.Data.SQLite.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-09-11 08:35 - 2013-09-11 08:35 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/20/2013 07:21:30 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "name"-Attribut fehlt im assemblyIdentity-Element. Error: (11/20/2013 07:15:26 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: iTunes.exe, Version: 11.1.1.11, Zeitstempel: 0x524a8521 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.17206, Zeitstempel: 0x50e6605e Ausnahmecode: 0x80000003 Fehleroffset: 0x00013219 ID des fehlerhaften Prozesses: 0x18c4 Startzeit der fehlerhaften Anwendung: 0xiTunes.exe0 Pfad der fehlerhaften Anwendung: iTunes.exe1 Pfad des fehlerhaften Moduls: iTunes.exe2 Berichtskennung: iTunes.exe3 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1022291 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1022291 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1021292 Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1021292 Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/20/2013 07:15:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1020294 Error: (11/20/2013 07:15:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1020294 System errors: ============= Error: (11/21/2013 10:16:19 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/21/2013 10:16:19 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht. Error: (11/14/2013 03:52:57 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error: (11/14/2013 03:16:16 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80004004-1 Error: (11/14/2013 00:46:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/14/2013 00:46:32 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht. Error: (11/14/2013 00:46:11 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht. Error: (11/14/2013 00:46:02 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/14/2013 00:46:02 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht. Error: (10/25/2013 09:07:29 AM) (Source: DCOM) (User: ) Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E} Microsoft Office Sessions: ========================= Error: (11/20/2013 07:21:30 PM) (Source: SideBySide)(User: ) Description: assemblyIdentitynameC:\Users\THEMON~1\AppData\Local\Temp\701.3619295693371_Update.exeC:\Users\THEMON~1\AppData\Local\Temp\701.3619295693371_Update.exe 3 Error: (11/20/2013 07:15:26 PM) (Source: Application Error)(User: ) Description: iTunes.exe11.1.1.11524a8521KERNELBASE.dll6.1.7600.1720650e6605e800000030001321918c401cee6124335a75eC:\Program Files (x86)\iTunes\iTunes.exeC:\Windows\syswow64\KERNELBASE.dllba0d3c37-520f-11e3-b8f5-91cd62d7d722 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1022291 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1022291 Error: (11/20/2013 07:15:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1021292 Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1021292 Error: (11/20/2013 07:15:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/20/2013 07:15:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1020294 Error: (11/20/2013 07:15:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1020294 ==================== Memory info =========================== Percentage of memory in use: 57% Total physical RAM: 3893.86 MB Available physical RAM: 1663.63 MB Total Pagefile: 7785.86 MB Available Pagefile: 4919.1 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:275.82 GB) (Free:145.72 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:21.97 GB) (Free:3.47 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Steuer2012) (CDROM) (Total:0.5 GB) (Free:0 GB) CDFS Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 80E95C80) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=276 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=22 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End Of Log ============================ AVIRA Funde: 3 (Datum/Uhrzeit: 20.11.2013, 19:21 h, Typen: Fund) 1. In der Datei C:\Users\themonument\AppData\Local\Temp\is1590112554\18266017_stp\uninstaller.exe'wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Übergeben an Scanner 2. In der Datei 'C:\Users\themonument\AppData\Local\Temp\is1590112554\18266017_stp\uninstaller.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern 3. In der Datei 'C:\Users\themonument\AppData\Local\Temp\is1590112554\18266017_stp\uninstaller.exe'wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern |
| Themen zu Windows 7: Webseiten werden auf Werbung umgeleitet und Rechner langsam |
| adblock, adware/installcore.gen, auf werbung umgeleitet, branding, continue, device driver, farbar recovery scan tool, firefox 25.0.1, flash player, icreinstall, iexplore.exe, java/exploit.agent.ptz, launch, malware, officejet, plug-in, programm, pup.optional.datamngr.a, pup.optional.downloadsponsor.a, pup.optional.installcore.a, pup.optional.jumpyapps, pup.optional.moviestoolbar.a, pup.optional.offermosquito.a, pup.optional.optimizerpro.a, pup.optional.optimzerpro.a, pup.optional.safetynut.a, richtlinie, software, somoto, starmoney, vista, wlansvc |
Baum-Darstellung