Log analysis and evaluation: Windows 8 64bit HDD is constantly working

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

#1

Windows 8 64bit HDD is constantly working

My laptop's hard drive is constantly working; in addition, the laptop sometimes freezes, so that one is no longer able to do anything at all. Then only one thing remains: pressing the power button until the laptop turns off. In addition, there was a file named Lollipop.exe on my system. The application could be deleted, but I am not entirely convinced that the application has really disappeared from my computer.

Farbar Recovery Scan FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Michelle (administrator) on MICHELLE-PC on 16-01-2014 17:51:40
Running from C:\Users\Michelle\Downloads
Windows 8.1 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Windows\System32\DlProtectSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Download Protect] - C:\ProgramData\dlprotect.exe [12800 2014-01-16] ()
HKLM-x32\...\Runonce: [DelTr80777796] - cmd.exe /c rd /s /q "C:\Users\Michelle\AppData\Roaming\mysearchdial" [x]
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_CURRENT_USER\Software\SearchProtect /f [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKCU\...\Run: [NextLive] - C:\Users\Michelle\AppData\Roaming\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)
HKCU\...\Run: [BackgroundContainer] - C:\Users\Michelle\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [319264 2013-11-06] (Conduit Ltd.) <===== ATTENTION
HKCU\...\Runonce: [DelTr80777796] - cmd.exe /c rd /s /q "C:\Users\Michelle\AppData\Roaming\mysearchdial"
HKCU\...\Runonce: [SpUninstallDeleteDir] - rmdir /s /q "C:\Users\Michelle\AppData\Roaming\SearchProtect"
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B2C1081196E788C4&affID=120524&tsp=5037
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=
SearchScopes: HKLM-x32 - DefaultScope {84289654-DC88-43D2-81F6-991904D010A0} URL =
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=3BE336EE-44B6-44FA-A282-53EBA4BA0005&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {84289654-DC88-43D2-81F6-991904D010A0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317893&CUI=UN36983348481055011&UM=2
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B2C1081196E788C4&affID=120524&tsp=5037
SearchScopes: HKCU - {84289654-DC88-43D2-81F6-991904D010A0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317893&CUI=UN36983348481055011&UM=2
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=3BE336EE-44B6-44FA-A282-53EBA4BA0005&ref=toolbox&q={searchTerms}
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0FyE0FtD0Dzy0A0ByDtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=368271547&ir=", "hxxp://start.iminent.com/?appId=3BE336EE-44B6-44FA-A282-53EBA4BA0005", "hxxp://search.conduit.com/?ctid=CT3317893&SearchSource=48&CUI=UN24716719002469316&UM=2"
CHR Extension: (Google Docs) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-11-02]
CHR Extension: (Google Drive) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-11-02]
CHR Extension: (YouTube) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-11-02]
CHR Extension: (Google Search) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-11-02]
CHR Extension: (Google Wallet) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-23]
CHR Extension: (Gmail) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-11-02]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Michelle\AppData\Local\mysearchdial-speeddial.crx [2013-12-07]
CHR HKCU\...\Chrome\Extension: [jbaaieplnliapedmcbfgfijinolepige] - C:\Users\Michelle\AppData\Local\CRE\jbaaieplnliapedmcbfgfijinolepige.crx [2014-01-12]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Michelle\AppData\Local\mysearchdial-speeddial.crx [2013-12-07]
CHR HKLM-x32\...\Chrome\Extension: [jbaaieplnliapedmcbfgfijinolepige] - C:\Users\Michelle\AppData\Local\CRE\jbaaieplnliapedmcbfgfijinolepige.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Michelle\AppData\Local\mysearchdial-speeddial.crx [2013-12-07]

==================== Services (Whitelisted) =================

U2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-31] (Broadcom Corp.)
U2 cacls64; C:\WINDOWS\system32\imapi3fs.exe [118784 2014-01-16] ()
U2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [125440 2014-01-16] ()
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
U2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
U2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
U2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2905408 2013-12-16] (Iminent)
U2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
U2 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-16 17:51 - 2014-01-16 17:52 - 00012852 _____ C:\Users\Michelle\Downloads\FRST.txt 2014-01-16 17:51 - 2014-01-16 17:51 - 00000000 ____D C:\FRST 2014-01-16 17:50 - 2014-01-16 17:50 - 02076160 _____ (Farbar) C:\Users\Michelle\Downloads\FRST64.exe 2014-01-16 16:56 - 2014-01-16 16:56 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2014-01-16 14:58 - 2014-01-16 14:58 - 00002259 _____ C:\WINDOWS\epplauncher.mif 2014-01-16 14:57 - 2014-01-16 14:58 - 00000000 ____D C:\c54de47fdab6bb65d723cd9abcf8 2014-01-16 14:56 - 2014-01-16 14:57 - 13697720 _____ (Microsoft Corporation) C:\Users\Michelle\Downloads\mseinstall.exe 2014-01-16 14:56 - 2014-01-16 14:56 - 00000000 ____D C:\Users\Michelle\AppData\Local\SearchProtect 2014-01-16 10:03 - 2014-01-16 10:03 - 00384458 _____ C:\Users\Michelle\Downloads\Nicht bestätigt 461972.crdownload 2014-01-16 10:02 - 2014-01-16 10:02 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download (2).exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00125440 _____ C:\WINDOWS\system32\DlProtectSvc.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00118784 _____ C:\WINDOWS\system32\imapi3fs.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00012800 _____ C:\ProgramData\dlprotect.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00003388 _____ C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task 2014-01-16 10:02 - 2014-01-16 10:02 - 00000000 ____D C:\ProgramData\Conduit 2014-01-16 10:02 - 2014-01-16 10:02 - 00000000 ____D C:\Program Files (x86)\Conduit 2014-01-16 10:01 - 2014-01-16 15:19 - 00000000 ____D C:\Users\Michelle\AppData\Local\Conduit 2014-01-16 10:01 - 2014-01-16 10:03 - 43055452 _____ (Emsisoft GmbH ) C:\Users\Michelle\Downloads\Nicht bestätigt 964405.crdownload 2014-01-16 10:01 - 2014-01-16 10:01 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download (1).exe 2014-01-16 10:01 - 2014-01-16 10:01 - 00000000 ____D 
C:\Users\Michelle\AppData\Local\NativeMessaging 2014-01-16 10:01 - 2014-01-16 10:01 - 00000000 ____D C:\Users\Michelle\AppData\Local\CRE 2014-01-16 10:00 - 2014-01-16 10:02 - 00000009 _____ C:\END 2014-01-16 09:59 - 2014-01-16 10:03 - 00000000 ____D C:\Users\Michelle\AppData\Local\DownloadGuide 2014-01-16 09:59 - 2014-01-16 09:59 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download.exe 2014-01-16 09:54 - 2014-01-16 09:59 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2014-01-16 09:54 - 2014-01-16 09:54 - 00001395 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-01-16 09:54 - 2014-01-16 09:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2014-01-16 09:54 - 2014-01-16 09:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-01-16 09:54 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2014-01-16 09:52 - 2014-01-16 09:53 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Michelle\Downloads\spybot-2.2.25.exe 2014-01-16 09:25 - 2014-01-16 09:25 - 00000000 _____ C:\autoexec.bat 2014-01-16 09:24 - 2014-01-16 09:24 - 00003344 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup 2014-01-16 09:24 - 2014-01-16 09:24 - 00002280 _____ C:\Users\Michelle\Desktop\SpyHunter.lnk 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\WINDOWS\72AAF4551E54475BB0AB5413C78D0E63.TMP 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\sh4ldr 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-16 09:24 - 2012-06-22 11:01 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2014-01-16 09:22 - 2014-01-16 09:22 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Michelle\Downloads\SpyHunter-Installer.exe 2014-01-16 09:22 - 2014-01-16 09:22 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Michelle\Downloads\SpyHunter-Installer (1).exe 2014-01-10 12:02 - 2014-01-10 12:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-01-10 12:02 - 2014-01-10 12:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-01-10 12:02 - 2014-01-10 12:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-01-10 12:02 - 2014-01-10 12:02 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-01-10 12:02 - 2014-01-10 12:02 - 00000000 ____D C:\ProgramData\Oracle 2014-01-10 12:02 - 2014-01-10 12:02 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-06 11:15 - 2014-01-06 11:15 - 00000000 _____ C:\Users\Michelle\Desktop\SharePodSettings.xml 2014-01-06 11:12 - 2014-01-16 09:24 - 00000000 ____D C:\Users\Michelle\Desktop\music neu 2014-01-06 10:56 - 2014-01-06 10:56 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\SharePod 2014-01-06 10:31 - 2014-01-06 12:03 - 00000000 ____D C:\Users\Michelle\Desktop\Sharepod 2014-01-06 10:30 - 2014-01-12 20:19 - 00000000 ____D C:\Users\Michelle\Desktop\sonstiges 2014-01-06 10:29 - 2014-01-06 10:43 - 00030408 _____ C:\Users\Michelle\Desktop\SharePod.log 2014-01-06 10:28 - 2014-01-06 10:28 - 00000635 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog 2014-01-06 10:28 - 2014-01-06 10:28 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Windows Net Data 2014-01-06 10:26 - 2014-01-06 10:26 - 00401744 _____ (Softonic ) C:\Users\Michelle\Downloads\SoftonicDownloader_fuer_sharepod.exe 2014-01-05 21:48 - 2014-01-05 21:50 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Apple Computer 2014-01-05 21:48 - 2014-01-05 21:48 - 00000000 ____D C:\Users\Michelle\AppData\Local\Apple Computer 2014-01-05 21:48 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) 
C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 2014-01-05 21:47 - 2014-01-05 21:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-05 21:47 - 2014-01-05 21:48 - 00000000 ____D C:\Program Files\iTunes 2014-01-05 21:47 - 2014-01-05 21:48 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-05 21:47 - 2014-01-05 21:47 - 00000000 ____D C:\ProgramData\Apple Computer 2014-01-05 21:47 - 2014-01-05 21:47 - 00000000 ____D C:\Program Files\iPod 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Users\Michelle\AppData\Local\Apple 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\ProgramData\Apple 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files\Common Files\Apple 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files\Bonjour 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files (x86)\Bonjour 2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2014-01-05 21:45 - 2014-01-05 21:46 - 100400976 _____ (Apple Inc.) 
C:\Users\Michelle\Downloads\iTunes64Setup.exe 2013-12-31 17:32 - 2013-12-31 17:32 - 00000000 ____D C:\ProgramData\Sun 2013-12-31 17:31 - 2013-12-31 17:31 - 00000000 ____D C:\Users\Michelle\.android 2013-12-31 17:30 - 2014-01-16 17:30 - 00000328 _____ C:\WINDOWS\Tasks\UpdaterEX.job 2013-12-31 17:30 - 2014-01-16 14:55 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\newnext.me 2013-12-31 17:30 - 2013-12-31 17:34 - 00000000 ____D C:\Users\Michelle\AppData\Local\Mobogenie 2013-12-31 17:30 - 2013-12-31 17:30 - 00002666 _____ C:\WINDOWS\System32\Tasks\UpdaterEX 2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\Documents\Mobogenie 2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\UpdaterEX 2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Local\genienext 2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Local\cache 2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 _____ C:\Users\Michelle\daemonprocess.txt 2013-12-31 17:30 - 2013-12-31 17:29 - 31441840 _____ (Oracle Corporation) C:\Users\Michelle\Downloads\download-jre-7u25-windows-i586.exe 2013-12-31 17:28 - 2013-12-31 17:28 - 00755792 _____ C:\Users\Michelle\Downloads\java_setup.exe 2013-12-30 11:58 - 2013-12-30 11:59 - 00000000 ____D C:\Users\Public\Documents\Konz2014 2013-12-27 23:41 - 2013-12-29 01:19 - 00204117 _____ C:\Users\Michelle\Desktop\Backscheider, Dominik.V2013 2013-12-27 16:34 - 2013-12-28 09:33 - 00000437 _____ C:\WINDOWS\wiso.ini 2013-12-27 16:34 - 2013-12-27 16:34 - 00001937 _____ C:\Users\Public\Desktop\Steuer 2013.lnk 2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Visagesoft 2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AIM 2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Buhl Data Service 2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Local\Buhl Data Service 
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Local\Buhl 2013-12-27 16:34 - 2003-12-04 15:58 - 00000696 _____ C:\WINDOWS\SysWOW64\jetodbc.rsp 2013-12-27 16:34 - 2002-12-11 19:12 - 00760968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSDMOD.DLL 2013-12-27 16:34 - 2002-12-11 19:12 - 00316040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DMOD.DLL 2013-12-27 16:34 - 2002-12-11 19:10 - 00816264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDMOD.DLL 2013-12-27 16:34 - 2002-12-11 17:34 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DMOD.DLL 2013-12-27 16:34 - 2002-12-11 15:16 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDMOD.DLL 2013-12-27 16:34 - 2002-08-29 03:43 - 00278559 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMV8DS32.AX 2013-12-27 16:34 - 2002-08-29 03:43 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDS32.AX 2013-12-27 16:34 - 2002-08-29 03:43 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSADDS32.AX 2013-12-27 16:34 - 2002-04-29 19:47 - 00121160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscal.ocx 2013-12-27 16:34 - 2000-06-13 00:00 - 01046288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL 2013-12-27 16:34 - 2000-06-13 00:00 - 00415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL 2013-12-27 16:34 - 1999-03-05 22:15 - 00074000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrclr40.dll 2013-12-27 16:34 - 1999-03-05 22:15 - 00028944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrecr40.dll 2013-12-27 16:34 - 1998-04-24 00:00 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL 2013-12-27 16:34 - 1998-04-24 00:00 - 00148240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL 2013-12-27 16:34 - 1997-07-01 10:45 - 00250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSEXCL35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00330000 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\MSEXCH35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00287504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXBSE35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPDOX35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00166160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSLTUS35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00165648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSTEXT35.DLL 2013-12-27 16:34 - 1997-06-23 09:06 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL 2013-12-27 16:33 - 2013-12-27 16:33 - 00000000 ____D C:\Program Files (x86)\USM 2013-12-27 16:30 - 2014-01-06 10:23 - 00000000 ____D C:\Program Files (x86)\Steuer 2013 2013-12-27 16:30 - 2013-12-27 16:35 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH 2013-12-27 16:30 - 2013-12-27 16:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files\MSBuild 2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-12-27 16:27 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2013-12-27 16:27 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-12-27 16:27 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2013-12-27 16:27 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2013-12-27 16:27 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-12-27 16:27 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2013-12-23 21:21 - 2014-01-15 22:22 - 00000110 _____ C:\Users\Michelle\AppData\Roaming\WB.CFG ==================== One Month Modified Files and Folders ======= 2014-01-16 17:52 - 2014-01-16 17:51 - 00012852 _____ C:\Users\Michelle\Downloads\FRST.txt 2014-01-16 17:51 - 2014-01-16 17:51 - 00000000 ____D C:\FRST 2014-01-16 17:50 - 2014-01-16 17:50 - 02076160 _____ (Farbar) C:\Users\Michelle\Downloads\FRST64.exe 2014-01-16 17:31 - 2013-11-02 12:21 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-16 17:30 - 2013-12-31 17:30 - 00000328 _____ C:\WINDOWS\Tasks\UpdaterEX.job 2014-01-16 17:23 - 2013-05-03 22:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1825290939-2035482200-3538793863-1000 2014-01-16 17:21 - 2013-12-07 00:21 - 00000328 _____ C:\WINDOWS\Tasks\MySearchDial.job 2014-01-16 17:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2014-01-16 16:56 - 2014-01-16 16:56 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2014-01-16 16:41 - 2013-11-05 03:05 - 01417687 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-16 15:42 - 2013-11-13 10:00 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D3A081E2-6A7C-44AD-B398-1C24520C8691} 2014-01-16 15:19 - 2014-01-16 10:01 - 00000000 ____D C:\Users\Michelle\AppData\Local\Conduit 2014-01-16 14:58 - 2014-01-16 14:58 - 00002259 _____ C:\WINDOWS\epplauncher.mif 2014-01-16 14:58 - 2014-01-16 14:57 - 00000000 ____D C:\c54de47fdab6bb65d723cd9abcf8 2014-01-16 14:58 - 2012-11-23 14:01 - 00000000 ____D C:\Users\Michelle\Desktop\Naruto songs 2014-01-16 14:57 - 2014-01-16 14:56 - 13697720 _____ (Microsoft Corporation) C:\Users\Michelle\Downloads\mseinstall.exe 
2014-01-16 14:56 - 2014-01-16 14:56 - 00000000 ____D C:\Users\Michelle\AppData\Local\SearchProtect 2014-01-16 14:55 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\newnext.me 2014-01-16 14:55 - 2013-11-05 10:43 - 00000000 __RDO C:\Users\Michelle\SkyDrive 2014-01-16 14:55 - 2013-11-02 12:21 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-16 10:03 - 2014-01-16 10:03 - 00384458 _____ C:\Users\Michelle\Downloads\Nicht bestätigt 461972.crdownload 2014-01-16 10:03 - 2014-01-16 10:01 - 43055452 _____ (Emsisoft GmbH ) C:\Users\Michelle\Downloads\Nicht bestätigt 964405.crdownload 2014-01-16 10:03 - 2014-01-16 09:59 - 00000000 ____D C:\Users\Michelle\AppData\Local\DownloadGuide 2014-01-16 10:02 - 2014-01-16 10:02 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download (2).exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00125440 _____ C:\WINDOWS\system32\DlProtectSvc.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00118784 _____ C:\WINDOWS\system32\imapi3fs.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00012800 _____ C:\ProgramData\dlprotect.exe 2014-01-16 10:02 - 2014-01-16 10:02 - 00003388 _____ C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task 2014-01-16 10:02 - 2014-01-16 10:02 - 00000000 ____D C:\ProgramData\Conduit 2014-01-16 10:02 - 2014-01-16 10:02 - 00000000 ____D C:\Program Files (x86)\Conduit 2014-01-16 10:02 - 2014-01-16 10:00 - 00000009 _____ C:\END 2014-01-16 10:01 - 2014-01-16 10:01 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download (1).exe 2014-01-16 10:01 - 2014-01-16 10:01 - 00000000 ____D C:\Users\Michelle\AppData\Local\NativeMessaging 2014-01-16 10:01 - 2014-01-16 10:01 - 00000000 ____D C:\Users\Michelle\AppData\Local\CRE 2014-01-16 09:59 - 2014-01-16 09:59 - 00621288 _____ C:\Users\Michelle\Downloads\AdwCleaner_Setup_Download.exe 2014-01-16 09:59 - 2014-01-16 09:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2014-01-16 09:54 - 2014-01-16 09:54 - 00001395 _____ 
C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-01-16 09:54 - 2014-01-16 09:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2014-01-16 09:54 - 2014-01-16 09:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-01-16 09:53 - 2014-01-16 09:52 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Michelle\Downloads\spybot-2.2.25.exe 2014-01-16 09:25 - 2014-01-16 09:25 - 00000000 _____ C:\autoexec.bat 2014-01-16 09:24 - 2014-01-16 09:24 - 00003344 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup 2014-01-16 09:24 - 2014-01-16 09:24 - 00002280 _____ C:\Users\Michelle\Desktop\SpyHunter.lnk 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\WINDOWS\72AAF4551E54475BB0AB5413C78D0E63.TMP 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\sh4ldr 2014-01-16 09:24 - 2014-01-16 09:24 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-16 09:24 - 2014-01-06 11:12 - 00000000 ____D C:\Users\Michelle\Desktop\music neu 2014-01-16 09:22 - 2014-01-16 09:22 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Michelle\Downloads\SpyHunter-Installer.exe 2014-01-16 09:22 - 2014-01-16 09:22 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Michelle\Downloads\SpyHunter-Installer (1).exe
2014-01-15 22:44 - 2013-08-19 23:40 - 00000000 ____D C:\Users\Michelle\AppData\Local\Battle.net
2014-01-15 22:22 - 2013-12-23 21:21 - 00000110 _____ C:\Users\Michelle\AppData\Roaming\WB.CFG
2014-01-15 18:05 - 2013-08-19 11:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:04 - 2013-05-05 21:54 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 17:01 - 2013-11-05 03:10 - 00000000 ____D C:\Users\Michelle
2014-01-15 16:51 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-14 08:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-12 20:19 - 2014-01-06 10:30 - 00000000 ____D C:\Users\Michelle\Desktop\sonstiges
2014-01-11 20:44 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-11 20:44 - 2013-09-30 04:58 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-11 20:44 - 2013-09-30 04:58 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-10 12:03 - 2013-05-03 22:42 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2014-01-10 12:02 - 2014-01-10 12:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-10 12:02 - 2014-01-10 12:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-10 12:02 - 2014-01-10 12:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-10 12:02 - 2014-01-10 12:02 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-10 12:02 - 2014-01-10 12:02 - 00000000 ____D C:\ProgramData\Oracle
2014-01-10 12:02 - 2014-01-10 12:02 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-08 20:18 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-08 20:15 - 2013-09-29 20:05 - 00029370 _____ C:\WINDOWS\PFRO.log
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 12:03 - 2014-01-06 10:31 - 00000000 ____D C:\Users\Michelle\Desktop\Sharepod
2014-01-06 11:15 - 2014-01-06 11:15 - 00000000 _____ C:\Users\Michelle\Desktop\SharePodSettings.xml
2014-01-06 11:15 - 2013-05-03 22:26 - 00000000 ____D C:\Users\Michelle\AppData\Local\VirtualStore
2014-01-06 11:09 - 2013-08-22 15:46 - 00323112 _____ C:\WINDOWS\setupact.log
2014-01-06 10:56 - 2014-01-06 10:56 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\SharePod
2014-01-06 10:43 - 2014-01-06 10:29 - 00030408 _____ C:\Users\Michelle\Desktop\SharePod.log
2014-01-06 10:28 - 2014-01-06 10:28 - 00000635 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2014-01-06 10:28 - 2014-01-06 10:28 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Windows Net Data
2014-01-06 10:26 - 2014-01-06 10:26 - 00401744 _____ (Softonic ) C:\Users\Michelle\Downloads\SoftonicDownloader_fuer_sharepod.exe
2014-01-06 10:23 - 2013-12-27 16:30 - 00000000 ____D C:\Program Files (x86)\Steuer 2013
2014-01-05 23:27 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-05 21:50 - 2014-01-05 21:48 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Apple Computer
2014-01-05 21:48 - 2014-01-05 21:48 - 00000000 ____D C:\Users\Michelle\AppData\Local\Apple Computer
2014-01-05 21:48 - 2014-01-05 21:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-05 21:48 - 2014-01-05 21:47 - 00000000 ____D C:\Program Files\iTunes
2014-01-05 21:48 - 2014-01-05 21:47 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-05 21:47 - 2014-01-05 21:47 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-05 21:47 - 2014-01-05 21:47 - 00000000 ____D C:\Program Files\iPod
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Users\Michelle\AppData\Local\Apple
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\ProgramData\Apple
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files\Bonjour
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-05 21:46 - 2014-01-05 21:46 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-05 21:46 - 2014-01-05 21:45 - 100400976 _____ (Apple Inc.) C:\Users\Michelle\Downloads\iTunes64Setup.exe
2014-01-04 14:04 - 2013-06-18 21:36 - 00000000 ____D C:\Program Files (x86)\Diablo III
2014-01-04 14:03 - 2013-08-19 23:40 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-31 17:34 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Local\Mobogenie
2013-12-31 17:32 - 2013-12-31 17:32 - 00000000 ____D C:\ProgramData\Sun
2013-12-31 17:31 - 2013-12-31 17:31 - 00000000 ____D C:\Users\Michelle\.android
2013-12-31 17:30 - 2013-12-31 17:30 - 00002666 _____ C:\WINDOWS\System32\Tasks\UpdaterEX
2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\Documents\Mobogenie
2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\UpdaterEX
2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Local\genienext
2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 ____D C:\Users\Michelle\AppData\Local\cache
2013-12-31 17:30 - 2013-12-31 17:30 - 00000000 _____ C:\Users\Michelle\daemonprocess.txt
2013-12-31 17:29 - 2013-12-31 17:30 - 31441840 _____ (Oracle Corporation) C:\Users\Michelle\Downloads\download-jre-7u25-windows-i586.exe
2013-12-31 17:28 - 2013-12-31 17:28 - 00755792 _____ C:\Users\Michelle\Downloads\java_setup.exe
2013-12-30 12:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-30 11:59 - 2013-12-30 11:58 - 00000000 ____D C:\Users\Public\Documents\Konz2014
2013-12-29 01:19 - 2013-12-27 23:41 - 00204117 _____ C:\Users\Michelle\Desktop\Backscheider, Dominik.V2013
2013-12-28 09:33 - 2013-12-27 16:34 - 00000437 _____ C:\WINDOWS\wiso.ini
2013-12-27 16:35 - 2013-12-27 16:30 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-12-27 16:34 - 2013-12-27 16:34 - 00001937 _____ C:\Users\Public\Desktop\Steuer 2013.lnk
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Visagesoft
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AIM
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\Buhl Data Service
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Local\Buhl Data Service
2013-12-27 16:34 - 2013-12-27 16:34 - 00000000 ____D C:\Users\Michelle\AppData\Local\Buhl
2013-12-27 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2013-12-27 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-27 16:34 - 2012-02-28 22:50 - 00000000 ____D C:\Users\Michelle\Documents\Steuer
2013-12-27 16:33 - 2013-12-27 16:33 - 00000000 ____D C:\Program Files (x86)\USM
2013-12-27 16:33 - 2013-12-27 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files\MSBuild
2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-27 16:28 - 2013-12-27 16:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-25 22:19 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-25 22:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-25 22:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-25 22:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-25 22:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera

Files to move or delete:
====================
C:\Users\Michelle\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll
C:\ProgramData\dlprotect.exe

Some content of TEMP:
====================
C:\Users\Michelle\AppData\Local\Temp\75571uninstall.exe
C:\Users\Michelle\AppData\Local\Temp\nsbAC15.exe
C:\Users\Michelle\AppData\Local\Temp\nsi644B.tmp.tbRadi.dll
C:\Users\Michelle\AppData\Local\Temp\nsmA125.exe
C:\Users\Michelle\AppData\Local\Temp\nso1A64.exe
C:\Users\Michelle\AppData\Local\Temp\nst6DEA.exe
C:\Users\Michelle\AppData\Local\Temp\nsyFF19.exe
C:\Users\Michelle\AppData\Local\Temp\Quarantine.exe
C:\Users\Michelle\AppData\Local\Temp\SPStub.exe
C:\Users\Michelle\AppData\Local\Temp\Sqlite3.dll
C:\Users\Michelle\AppData\Local\Temp\tbRadi.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-15 17:57

==================== End Of Log ============================

Farbar Recovery Scan Additional Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03
Ran by Michelle at 2014-01-16 17:52:59
Running from C:\Users\Michelle\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Battle.net (x32 Version: - Blizzard Entertainment)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (Version: 15.4.8.1 - Broadcom Corporation)
Diablo III (x32 Version: - Blizzard Entertainment)
DMUninstaller (x32 Version: - )
Download Protect (HKCU Version: - Download Protect)
Extended Update (HKCU Version: - )
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Iminent (x32 Version: 6.46.1.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Grafiktreiber 307.17 (Version: 307.17 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Spybot - Search & Destroy (x32 Version: 2.2.25 - Safer-Networking Ltd.)
SpyHunter (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
Steuer 2013 (x32 Version: 21.00.8480 - Buhl Data Service GmbH)
VIS (x32 Version: - )
World of Warcraft (x32 Version: - Blizzard Entertainment)

==================== Restore Points =========================

31-12-2013 16:31:08 Installed Java 7 Update 10
05-01-2014 20:46:58 Installed iTunes
10-01-2014 11:01:20 Installed Java 7 Update 45
15-01-2014 16:57:32 Windows Update

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AF23CDC-79F8-4A12-93BE-212D08F0E014} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {25C03328-3BFA-4208-91D0-5418CC4581C7} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Michelle\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {45A67831-D9E9-4A67-A902-6FAD62E8EB7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5BBFDB41-76DE-43DE-8C43-C86268F13A11} - System32\Tasks\MySearchDial => C:\Users\Michelle\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {5ECDD7DB-0DC2-4414-B6F0-925EF3A92397} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {700C30CB-CA6B-4025-B426-48FB4D3AFF89} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FCA3DC8-F524-46A5-A7B7-C82AD2B6D872} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2013-10-18] (Enigma Software Group USA, LLC.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AECFE5CD-2731-48FA-98A4-241C31B3FE31} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B4B5F38B-A4BE-442D-99E7-443DF7E09897} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {CF6CD402-0C76-42E9-9384-FADF6C03CAFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6449968-7E0D-4691-80BF-9651AE5BE5D3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-15] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB2C6B59-64F2-43C4-82F2-ABBF5150A7FC} - System32\Tasks\UpdaterEX => C:\Users\Michelle\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\Michelle\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Michelle\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-05 11:13 - 2013-11-05 11:13 - 00347136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\e0e7493cf161f0e0899caa7eb5e0e259\Windows.Globalization.ni.dll
2013-11-05 11:13 - 2013-11-05 11:13 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\432868bf54b081b16eaf68729020b30a\Windows.Foundation.ni.dll
2013-11-05 11:13 - 2013-11-05 11:13 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\e8f8737bea4f0df4b88bbc4bf24fa2a8\Windows.System.ni.dll
2013-11-05 11:13 - 2013-11-05 11:13 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\4c323000d6c8d1d462abb0968333c937\Windows.Storage.ni.dll
2013-12-30 12:23 - 2013-12-30 12:23 - 00028160 _____ () C:\Users\Michelle\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\5bf99992f103eeb416af8751401af835\Microsoft.PerfTrack.ni.dll
2013-11-05 11:13 - 2013-11-05 11:13 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\600862031eb4d4cfdc6f4d2025a7990e\Windows.ApplicationModel.ni.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Michelle\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Could not start eventlog service, could not read events.

==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8043.86 MB
Available physical RAM: 5577.69 MB
Total Pagefile: 9323.86 MB
Available Pagefile: 6713.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:514.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 6B018443)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================