Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden

WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden


Plagegeister aller Art und deren Bekämpfung: WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.01.2014, 19:50   #1
laika
 
WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden - Standard

WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden


Hallo,

der heutige Scan von Malwarebytes hat den "PUP.Optional.OpenCandy" gefunden. Was kann ich tun, um das Teil von meinem System zu bekommen?
Ist mein Banking momentan mit einer Banksoftware gefährdet?

Anbei meine heutigen Logs:
Malwarebytes
Code:
ATTFilter
 Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.05.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Arbeit :: CORINA-PC [limitiert]

05.01.2014 15:06:08
MBAM-log-2014-01-05 (17-02-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 379664
Laufzeit: 1 Stunde(n), 24 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Corina\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

Infizierte Dateien: 2
C:\Sandbox\Arbeit\DVDStyler\drive\C\Users\Corina\AppData\Local\Temp\is-ELHV3.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
D:\Downloads\PhotoStudio\PhotoScape_V3.6.5.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende)
FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Corina (administrator) on CORINA-PC on 05-01-2014 17:43:02
Running from C:\Users\Arbeit\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) D:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
(Sandboxie Holdings, LLC) D:\Programme\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY (BIT Software)) C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(UASSOFT.COM) D:\Programme\Multimedia Keyboard Driver\V5\KMWDSrv.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(COMODO) D:\Programme\COMODO\COMODO Internet Security\cfp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sandboxie Holdings, LLC) D:\Programme\Sandboxie\SbieCtrl.exe
(Samsung) D:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() D:\Programme\Audials\Audials 10\AudialsNotifier.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(UASSOFT.COM) D:\Programme\Multimedia Keyboard Driver\V5\StartAutorun.exe
(UASSOFT.COM) D:\Programme\Multimedia Keyboard Driver\V5\KMConfig.exe
(1UP Industries LLC) C:\Program Files\1UPIndustries\Bins\v1.1.0.247\Bins.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(UASSOFT.COM) D:\Programme\Multimedia Keyboard Driver\V5\KMProcess.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(CyberLink Corp.) D:\Programme\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\1UPIndustries\Bins\v1.1.0.247\Bins32on64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sandboxie Holdings, LLC) D:\Programme\Sandboxie\SbieSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - D:\Programme\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [Bins] - C:\Program Files\1UPIndustries\Bins\BinsLauncher.exe [1141296 2013-10-04] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [NPSStartup] - [x]
HKLM-x32\...\Run: [KMConfig] - "D:\Programme\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-02] (cyberlink)
HKLM-x32\...\Run: [RemoteControl10] - D:\Programme\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - D:\Programme\KP\KeePass.exe [2065408 2013-11-03] (Dominik Reichl)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - d:\Programme\Malwarebytes\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Policies\Explorer: [NoInternetOpenWith] 1
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32:          C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\Users\Corina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bins.lnk
ShortcutTarget: Bins.lnk -> C:\Program Files\1UPIndustries\Bins\BinsLauncher.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x66EE1310D47CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\..\Interfaces\{14EF49D1-697A-47A6-B346-82191205289F}: [NameServer]217.0.43.97,217.0.43.113

FireFox:
========
FF ProfilePath: C:\Users\Corina\AppData\Roaming\Mozilla\Firefox\Profiles\atxh33nn.default
FF Homepage: hxxp://192.168.1.1/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 - d:\Programme\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - D:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - d:\Programme\VLC\npvlc.dll No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - d:\Programme\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
S2 CLKMSVC10_B6C1BDED; d:\Programme\CyberLink\PowerDVD10\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-04-02] (CyberLink)
R2 cmdAgent; D:\Programme\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 KMWDSERVICE; D:\Programme\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 SbieSvc; d:\Programme\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [229520 2011-07-05] (soft Xpansion)

==================== Drivers (Whitelisted) ====================

S2 ASPI32; No ImagePath
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2010-11-05] (C-Media Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 Jcpacket; C:\Windows\System32\DRIVERS\Jcpacket.sys [23848 2007-04-20] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-10-07] (Audials AG)
S3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; d:\Programme\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R3 WBSCR; C:\Windows\System32\drivers\wbscr_x64.sys [34304 2005-06-13] (Winbond Electronics Corp.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
S3 PLTurbh; system32\drivers\plturbh.sys [x]
S3 PLTurbo; system32\drivers\plturbo.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-05 17:43 - 2014-01-05 17:43 - 00012250 _____ C:\Users\Arbeit\Desktop\FRST.txt
2014-01-05 17:42 - 2014-01-05 17:42 - 00000000 ____D C:\FRST
2014-01-05 17:40 - 2014-01-05 17:40 - 00377856 _____ C:\Users\Arbeit\Desktop\gmer_2.1.19163.exe
2014-01-05 17:38 - 2014-01-05 17:39 - 01931368 _____ (Farbar) C:\Users\Arbeit\Desktop\FRST64.exe
2014-01-05 12:27 - 2014-01-05 15:05 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\TV-Browser
2014-01-05 11:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-05 11:08 - 2014-01-05 11:51 - 00000112 _____ C:\Windows\setupact.log
2014-01-05 11:08 - 2014-01-05 11:08 - 00000000 _____ C:\Windows\setuperr.log
2014-01-04 00:20 - 2014-01-04 00:21 - 00001397 _____ C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-01-04 00:20 - 2014-01-04 00:20 - 00002207 _____ C:\Users\Arbeit\Desktop\Torch.lnk
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\Users\Corina\AppData\Roaming\TFP
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2014-01-04 00:20 - 2012-05-11 15:47 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2014-01-04 00:20 - 2012-05-11 15:47 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2014-01-04 00:20 - 2012-05-11 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2014-01-04 00:19 - 2014-01-04 00:20 - 00000000 ____D C:\Users\Arbeit\AppData\Local\Torch
2014-01-01 23:48 - 2014-01-01 23:48 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kalender-Excel-8.10
2014-01-01 23:21 - 2014-01-01 23:21 - 00000000 ____D C:\Excelvorlage Geburtstagskalender
2014-01-01 23:17 - 2014-01-01 23:17 - 00163718 _____ C:\Users\Arbeit\Desktop\Garageneinfahrt.odt
2013-12-14 12:46 - 2013-12-14 12:46 - 00000000 ____D C:\Users\Corina\AppData\Local\calibre-cache
2013-12-13 13:34 - 2013-12-13 13:44 - 00000000 ____D C:\Users\Arbeit\Documents\My Kindle Content
2013-12-13 13:34 - 2013-12-13 13:34 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-12-13 13:34 - 2013-12-13 13:34 - 00000000 ____D C:\Users\Arbeit\AppData\Local\Amazon
2013-12-12 23:12 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 23:12 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 23:12 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 23:12 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 23:09 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 23:09 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 23:09 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 23:09 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 23:09 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 23:09 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 23:09 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 23:09 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 23:09 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 23:09 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 23:09 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 23:09 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 23:09 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 23:09 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 23:09 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 23:09 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 23:09 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 23:09 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 23:09 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 23:09 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 23:09 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 23:09 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 23:09 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 23:09 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 23:09 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 23:09 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 23:09 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 23:09 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 23:09 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 23:09 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 23:09 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 13:54 - 2013-12-12 13:54 - 00009380 _____ C:\Users\Arbeit\Desktop\DRM.odt
2013-12-12 13:12 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 13:12 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 13:12 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 13:12 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 13:12 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 13:12 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 13:12 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 13:12 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 13:12 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 13:12 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 13:12 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 13:12 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 13:12 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 13:12 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 13:12 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 13:12 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 13:12 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 13:12 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 13:12 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 13:08 - 2013-12-12 14:08 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-08 21:56 - 2013-12-09 00:03 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\PhotoScape
2013-12-08 20:50 - 2013-12-08 21:33 - 00000000 ____D C:\Users\Corina\AppData\Roaming\PhotoScape
2013-12-08 20:50 - 2013-12-08 20:50 - 00000678 _____ C:\Users\Corina\Desktop\PhotoScape.lnk
2013-12-08 19:58 - 2013-12-08 20:04 - 00001042 _____ C:\Users\Corina\Desktop\DigiFoto4.lnk

==================== One Month Modified Files and Folders =======

2014-01-05 17:43 - 2014-01-05 17:43 - 00012250 _____ C:\Users\Arbeit\Desktop\FRST.txt
2014-01-05 17:42 - 2014-01-05 17:42 - 00000000 ____D C:\FRST
2014-01-05 17:40 - 2014-01-05 17:40 - 00377856 _____ C:\Users\Arbeit\Desktop\gmer_2.1.19163.exe
2014-01-05 17:40 - 2011-07-05 16:09 - 00008188 _____ C:\Windows\Sandboxie.ini
2014-01-05 17:39 - 2014-01-05 17:38 - 01931368 _____ (Farbar) C:\Users\Arbeit\Desktop\FRST64.exe
2014-01-05 17:08 - 2012-12-29 18:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 15:05 - 2014-01-05 12:27 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\TV-Browser
2014-01-05 12:11 - 2010-11-05 11:08 - 01941803 _____ C:\Windows\WindowsUpdate.log
2014-01-05 11:58 - 2009-07-14 05:45 - 00013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 11:58 - 2009-07-14 05:45 - 00013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 11:51 - 2014-01-05 11:08 - 00000112 _____ C:\Windows\setupact.log
2014-01-05 11:51 - 2011-10-07 18:46 - 00000518 _____ C:\Windows\Tasks\MAGIX Treiberinstallation.job
2014-01-05 11:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 11:08 - 2014-01-05 11:08 - 00000000 _____ C:\Windows\setuperr.log
2014-01-04 20:24 - 2010-11-05 11:05 - 00000000 ____D C:\Windows\Panther
2014-01-04 00:21 - 2014-01-04 00:20 - 00001397 _____ C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-01-04 00:20 - 2014-01-04 00:20 - 00002207 _____ C:\Users\Arbeit\Desktop\Torch.lnk
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\Users\Corina\AppData\Roaming\TFP
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-01-04 00:20 - 2014-01-04 00:20 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2014-01-04 00:20 - 2014-01-04 00:19 - 00000000 ____D C:\Users\Arbeit\AppData\Local\Torch
2014-01-02 10:02 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-01 23:48 - 2014-01-01 23:48 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kalender-Excel-8.10
2014-01-01 23:21 - 2014-01-01 23:21 - 00000000 ____D C:\Excelvorlage Geburtstagskalender
2014-01-01 23:17 - 2014-01-01 23:17 - 00163718 _____ C:\Users\Arbeit\Desktop\Garageneinfahrt.odt
2014-01-01 15:50 - 2010-11-06 14:39 - 00002568 ___SH C:\ProgramData\KGyGaAvL.sys
2013-12-31 15:04 - 2009-07-14 18:58 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-12-31 15:04 - 2009-07-14 18:58 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-12-31 15:04 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 19:56 - 2011-10-20 10:48 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-12-27 14:14 - 2013-11-18 17:52 - 00000000 _____ C:\Windows\lgfwup.ini
2013-12-17 19:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2013-12-16 22:21 - 2013-04-01 18:19 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Mp3tag
2013-12-16 11:51 - 2013-10-06 11:13 - 00000000 ____D C:\Users\Arbeit\Documents\PowerLame
2013-12-16 10:23 - 2013-08-14 16:48 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 10:16 - 2010-11-05 11:37 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 12:46 - 2013-12-14 12:46 - 00000000 ____D C:\Users\Corina\AppData\Local\calibre-cache
2013-12-14 12:46 - 2011-10-31 19:24 - 00000000 ____D C:\Users\Corina\AppData\Roaming\calibre
2013-12-14 12:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 13:44 - 2013-12-13 13:34 - 00000000 ____D C:\Users\Arbeit\Documents\My Kindle Content
2013-12-13 13:34 - 2013-12-13 13:34 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-12-13 13:34 - 2013-12-13 13:34 - 00000000 ____D C:\Users\Arbeit\AppData\Local\Amazon
2013-12-13 13:06 - 2009-07-14 05:45 - 00393248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 18:57 - 2011-10-20 10:49 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\calibre
2013-12-12 15:08 - 2012-12-29 18:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 14:08 - 2013-12-12 13:08 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-12 14:08 - 2012-12-29 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 14:08 - 2012-12-29 18:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 13:54 - 2013-12-12 13:54 - 00009380 _____ C:\Users\Arbeit\Desktop\DRM.odt
2013-12-10 12:26 - 2013-03-27 17:28 - 00000000 ____D C:\Users\Arbeit\Documents\My Digital Editions
2013-12-09 00:03 - 2013-12-08 21:56 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\PhotoScape
2013-12-08 21:33 - 2013-12-08 20:50 - 00000000 ____D C:\Users\Corina\AppData\Roaming\PhotoScape
2013-12-08 20:50 - 2013-12-08 20:50 - 00000678 _____ C:\Users\Corina\Desktop\PhotoScape.lnk
2013-12-08 20:04 - 2013-12-08 19:58 - 00001042 _____ C:\Users\Corina\Desktop\DigiFoto4.lnk
2013-12-08 19:56 - 2010-11-05 16:20 - 00102576 _____ C:\Users\Arbeit\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-08 19:50 - 2010-11-05 12:49 - 00102576 _____ C:\Users\Corina\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-08 19:33 - 2010-11-05 11:14 - 00000000 ____D C:\Users\Corina

Some content of TEMP:
====================
C:\Users\Arbeit\AppData\Local\Temp\SandboxieInstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 14:22

==================== End Of Log ============================
Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Corina at 2014-01-05 17:44:14
Running from C:\Users\Arbeit\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Professional Edition (x32 Version: 9.00.724.5507 - ABBYY)
AdminManager (Version: 4.0.0 - silex technology, Inc.)
Adobe Digital Editions 2.0 (x32 Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Audials (x32 Version: 10.3.34300.0 - Audials AG)
Bins (Version:  - 1UP Industries LLC)
calibre (x32 Version: 1.17.0 - Kovid Goyal)
Canon Inkjet Printer Driver Add-On Module (Version:  - )
Canon My Printer (x32 Version: 3.0.0 - Canon Inc.)
CCleaner (Version: 4.09 - Piriform)
CD-LabelPrint (x32 Version:  - )
COMODO Internet Security (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
CompuLearn Franzoesisch (x32 Version:  - )
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (x32 Version: 14.2 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (x32 Version:  - Corel Corporation)
CPUID CPU-Z 1.60 (Version:  - )
CrystalDiskInfo 3.10.0 (x32 Version: 3.10.0 - Crystal Dew World)
CX Print (Version: 2.6.0 - silex technology, Inc.)
CyberLink PowerDVD 10 (x32 Version: 10.0.5202.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.5202.52 - CyberLink Corp.) Hidden
DDBAC (x32 Version: 5.3.20 - DataDesign)
DDBAC (x32 Version: 5.3.21 - DataDesign)
ESET NOD32 Antivirus (Version: 7.0.302.26 - ESET, spol s r. o.)
GalleryImages (x32 Version: 1.00.0000 - Your Company Name) Hidden
HTML Studio (x32 Version:  - Michael Elsdörfer)
Java 7 Update 40 (x32 Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 2.24 (x32 Version: 2.24 - Dominik Reichl)
L&H TTS3000 Deutsch (x32 Version:  - )
Lexware Info Service (x32 Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (x32 Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Keyboard Driver (x32 Version: 2.0 - Ihr Firmenname)
Multimedia Keyboard Driver (x32 Version: 2.0 - Ihr Firmenname) Hidden
MusicBee 2.0 (x32 Version: 2.0 - Steven Mayall)
MyFreeCodec (HKCU Version:  - )
MyMDb 3.6 (x32 Version:  - )
MyPhoneExplorer (x32 Version: 1.8.4 - F.J. Wechselberger)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON)
Nitro Reader 3 (Version: 3.5.2.10 - Nitro)
NVIDIA Display Control Panel (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
PHOTOfunSTUDIO (x32 Version: 3.00.000 - Panasonic)
PhotoScape (x32 Version:  - )
PowerLame (remove only) (x32 Version: 4.0 - Marcel Dyka)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken DELUXE 2014 (x32 Version: 21.36.00.0178 - Haufe-Lexware GmbH & Co.KG)
Quicken Jubiläumsversion (x32 Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)
Recuva (Version: 1.43 - Piriform)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.06 (64-bit) (Version: 4.06 - Sandboxie Holdings, LLC)
ScanWizard 5 (x32 Version:  - )
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
soft Xpansion Perfect Print 6 Express (x32 Version: 6.6.3 - soft Xpansion)
SP2GalleryImages (x32 Version: 1.00.0000 - Your Company Name) Hidden
Speccy (Version: 1.17 - Piriform)
Sun ODF Plugin for Microsoft Office 3.2 (x32 Version: 3.2.9483 - Sun Microsystems)
t@x 2013 (x32 Version: 20.00.8137 - Buhl Data Service GmbH)
TV-Browser 3.3.3 (x32 Version: 3.3.3 - TV-Browser Team)
UnderCoverXP 1.23 (x32 Version:  - Wicked & Wild Inc.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Wise Disk Cleaner 7.62 (x32 Version:  - WiseCleaner.com, Inc.)
Wise Registry Cleaner 7.44 (x32 Version:  - WiseCleaner.com, Inc.)
Wondershare Photo Story Platinum 3.4.1.3 (x32 Version: 3.4.1.3 - Wondershare Software Co.,Ltd.)
Wondershare Style Resources version 3.2.1 (x32 Version: 3.2.1 - Wondershare Software Co.,Ltd.)
Xilisoft Video Converter Platinum 6 (x32 Version: 6.0.7.0825 - Xilisoft)

==================== Restore Points  =========================

12-12-2013 22:06:57 Windows Update
14-12-2013 11:43:02 Installed calibre
16-12-2013 09:14:47 Windows Update
17-12-2013 18:48:19 DDBAC wird installiert
23-12-2013 21:18:20 Installed calibre
28-12-2013 18:51:10 Installed calibre

==================== Hosts content: ==========================

2009-07-14 03:34 - 2011-07-05 17:16 - 00000825 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00B6E6EA-22BF-413A-A505-1CDFCD21FE00} - System32\Tasks\{4E274EBB-16EA-4A61-8226-741B9DF1E6E7} => F:\CYGiS0\keygen.exe
Task: {1B9ADA6A-A8CC-4B9D-A5BF-EAD9A2F6CF9E} - System32\Tasks\{5A805F22-0047-41DF-AFBD-A411A4674331} => F:\CYGiS0\keygen.exe
Task: {34C5348B-6E7B-4577-A342-9BEE87E46E24} - System32\Tasks\{40C1F912-114D-40E7-A360-1F99D471379A} => F:\CYGiS0\keygen.exe
Task: {77A42456-CED0-43D7-A9A2-9D97523A4DFE} - System32\Tasks\{116A5785-D28C-4894-A707-C69B44A1BFB0} => F:\CYGiS0\keygen.exe
Task: {7F516CD8-05AA-4170-AD80-AE6FF31A895E} - System32\Tasks\Bins-UAC-Helper => C:\Program Files\1UPIndustries\Bins\v1.1.0.247\Bins.exe [2013-10-04] (1UP Industries LLC)
Task: {82DDD7C8-1CB7-4425-AA95-53E3B7409F0B} - System32\Tasks\{885B972D-58FA-4168-B587-73D9E32E139C} => F:\CYGiS0\keygen.exe
Task: {9C46A389-66B6-4AA1-85AB-FF0F12724648} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A49E5DEE-5112-4177-8203-3828F85C831A} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {B7B2E0CA-FF2A-486C-8FCC-971CCA5CFF75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12] (Adobe Systems Incorporated)
Task: {D7208FAB-4955-4EBC-8AAE-B2CF1727EEA0} - System32\Tasks\MAGIX Treiberinstallation => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-Version\DriverInstaller.exe
Task: {FC867506-B5B3-43BA-85C9-2C59E6297907} - System32\Tasks\{7AC35726-DFDD-46A2-A0E4-09BAB994E3E2} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\MAGIX Treiberinstallation.job => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-Version\DriverInstaller.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 22:34 - 2013-10-04 02:22 - 00767488 _____ () C:\Program Files\1UPIndustries\Bins\v1.1.0.247\TaskbarDockAppIntegration64.dll
2013-10-17 22:34 - 2010-07-27 13:56 - 00654336 _____ () C:\Program Files\1UPIndustries\Bins\v1.1.0.247\EasyHook64.dll
2013-10-17 22:34 - 2013-10-04 02:22 - 01539632 _____ () C:\Program Files\1UPIndustries\Bins\v1.1.0.247\TaskbarDockShellIntegration64.dll
2013-10-17 22:34 - 2013-10-04 02:22 - 00634368 _____ () C:\Program Files\1UPIndustries\Bins\v1.1.0.247\TaskbarDockAppIntegration32.dll
2013-10-17 22:34 - 2010-07-27 13:56 - 00552960 _____ () C:\Program Files\1UPIndustries\Bins\v1.1.0.247\EasyHook32.dll
2013-10-23 11:03 - 2013-10-23 11:03 - 00585216 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\ManagedInterfaces\ee4d1a77713160787342b4c11fdeeabe\ManagedInterfaces.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 02529792 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\AudialsComponents\a7c4d67b040c3aa527661c5b36127f56\AudialsComponents.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00043008 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\jData\dea2c080d134b2fc034e7f2b5f65b833\jData.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00267264 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\Utils\e667b1523c75a821973fce851d5177df\Utils.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\fastJSON\120618aefc9cc7aea43ee04bcfaac3dd\fastJSON.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00223232 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartThreadPool\ddac9ea887ba52ea598349f61fd9431b\SmartThreadPool.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00480256 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\RSControls\7eff44928b0cb32575355b9a7355aef5\RSControls.ni.dll
2013-10-23 11:04 - 2013-10-23 11:04 - 00073216 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\CrashHandlerNET\456adb8b7ab3411f00e91de7348016c7\CrashHandlerNET.ni.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00046080 _____ () D:\Programme\Audials\Audials 10\boost_thread-vc90-mt-1_39.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00045056 _____ () D:\Programme\Audials\Audials 10\boost_date_time-vc90-mt-1_39.dll
2013-10-07 08:02 - 2013-10-07 08:02 - 00545032 _____ () D:\Programme\Audials\Audials 10\StreamingClient.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00012800 _____ () D:\Programme\Audials\Audials 10\boost_system-vc90-mt-1_39.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00068360 _____ () D:\Programme\Audials\Audials 10\CrashRpt.dll
2013-10-07 08:02 - 2013-10-07 08:02 - 00409352 _____ () D:\Programme\Audials\Audials 10\SQLite3.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00614912 _____ () D:\Programme\Audials\Audials 10\boost_regex-vc90-mt-1_39.dll
2013-10-07 08:01 - 2013-10-07 08:01 - 00249096 _____ () D:\Programme\Audials\Audials 10\de-DE\AudialsNotifier.resources.dll
2007-08-05 21:31 - 2007-08-05 21:31 - 00114688 _____ () D:\Programme\Multimedia Keyboard Driver\V5\keydll.dll
2007-08-05 22:53 - 2007-08-05 22:53 - 00053248 _____ () D:\Programme\Multimedia Keyboard Driver\V5\MouseHook.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: MSI Bluetooth Device
Description: MSI Bluetooth Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: MicroStar
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: RT2500 USB Wireless LAN Card
Description: RT2500 USB Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology Corp.
Service: rt70x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (01/05/2014 11:09:21 AM) (Source: ESENT) (User: )
Description: Windows (3172) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS003E3.log.


System errors:
=============
Error: (01/05/2014 01:06:30 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (01/05/2014 11:51:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/05/2014 11:09:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/05/2014 11:09:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (01/05/2014 11:08:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/04/2014 07:59:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/03/2014 07:10:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/02/2014 02:21:50 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (01/02/2014 00:35:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/02/2014 10:19:01 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/05/2014 11:09:30 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (01/05/2014 11:09:21 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (01/05/2014 11:09:21 AM) (Source: ESENT)(User: )
Description: Windows3172Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS003E3.log-1811


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 2815.55 MB
Available physical RAM: 1460.86 MB
Total Pagefile: 6909.73 MB
Available Pagefile: 5021.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.4 GB) (Free:26.08 GB) NTFS
Drive d: () (Fixed) (Total:75.55 GB) (Free:16.65 GB) NTFS
Drive g: () (Fixed) (Total:149.05 GB) (Free:25.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 97559755)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=76 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 20452044)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Der Logfile von GMER ist zu groß. Deshalb als Anhang.

Für Eure Hilfe im voraus ein großes Danke.

Grüße
laika

 

Themen zu WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden
.com, 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, converter, cpu-z, defender, explorer, flash player, helper, home, homepage, logfile, mozilla, mp3, neustart, plug-in, realtek, registry, rundll, scan, security, services.exe, svchost.exe, system, temp, usb, warnung, winlogon.exe


« "Nation Zoom" eingefangen, nicht zu entfernen | Interpol-Sperrbildschirm,Windows7Professional, PC startet im abgesichterten Modus von alleine neu »


Ähnliche Themen: WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden


  1. Malwarebytes findet PUP.Optional.Koyote und PUP.Optional.OpenCandy
    Log-Analyse und Auswertung - 16.10.2014 (1)
  2. Windows XP: Malwarebytes hat PUP.Optional.OpenCandy gefunden
    Log-Analyse und Auswertung - 28.07.2014 (3)
  3. Security.Hijack, PUP.Optional.OpenCandy, PUP.Optional.Somoto, PUP.Optional.MoviesToolBar etc gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (1)
  4. PUP.Optional.OpenCandy mit Malwarebytes
    Log-Analyse und Auswertung - 10.02.2014 (21)
  5. Malwarebytes findet PUP.Optional.Iminent.A und PUP.Optional.OpenCandy
    Log-Analyse und Auswertung - 25.01.2014 (7)
  6. Malwarebytes hat PUP.Optional.OpenCandy und noch mehr Malware gefunden. 9 Funde insgesamt.
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (3)
  7. pup.optional.opencandy und .installcore.A mit Malwarebytes
    Log-Analyse und Auswertung - 16.12.2013 (3)
  8. PUP.Optional.OpenCandy mit Malwarebytes gefunden
    Log-Analyse und Auswertung - 09.12.2013 (9)
  9. PUP.Optional.Opencandy: 3 Virenfunde durch Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 07.12.2013 (6)
  10. Malwarebytes 13 Funde (PUP.Optional.OpenCandy etc.)
    Log-Analyse und Auswertung - 16.11.2013 (9)
  11. malwarebytes findet Pup.optional.Tarma.a, Pup.optional.OpenCandy und Trojan.Downloader
    Log-Analyse und Auswertung - 13.10.2013 (12)
  12. Malwarebytes und Avira finden PUP.Optional.OpenCandy, PUP.Optional.Softonic, ADWARE/InstallCo.HF
    Log-Analyse und Auswertung - 14.09.2013 (9)
  13. Malwarebytes findet PUP.optional.opencandy
    Plagegeister aller Art und deren Bekämpfung - 09.09.2013 (15)
  14. pup.optional.opencandy von Malwarebytes gefunden
    Log-Analyse und Auswertung - 28.08.2013 (4)
  15. pup.optional.opencandy von Malwarebytes gefunden
    Log-Analyse und Auswertung - 20.08.2013 (7)
  16. PUP.Optional.OpenCandy mit Malwarebytes auf Win7 (64bit) gefunden
    Log-Analyse und Auswertung - 19.08.2013 (8)
  17. Windows 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.08.2013 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden - Hallo, der heutige Scan von Malwarebytes hat den "PUP.Optional.OpenCandy" gefunden. Was kann ich tun, um das Teil von meinem System zu bekommen? Ist mein Banking momentan mit einer Banksoftware gefährdet? - WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden...
Archiv
Du betrachtest: WIN 7: PUP.Optional.OpenCandy mit Malwarebytes gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131