Log analysis and evaluation: Windows 7 - Only shortcuts left on USB stick

#1
Windows 7 - Only shortcuts left on USB stick

Hello! My problem is that suddenly there are only shortcuts on my USB stick. I don't care about the files on the stick; what matters to me is my computer and the files stored on it. But even when I plug in a different stick, only shortcuts are left. I have to work a lot on this computer, and a reinstall would be almost impossible right now. I hope something can still be saved! I have posted everything I have done so far here:

Antivir:
Code:
ATTFilter
Exportierte Ereignisse:

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\Local\Temp\lyricsPaltmp.exe'
  enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b19024a.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOWLAE00\LyricsPal_1060-8101_v133[1]'
  enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '07a12e3f.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\2e1ee8f0-36b4 4ec5'
  enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2013-1493.A.506' [exploit].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '45af082b.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\b388dfa-5bc0d 83f'
  enthielt einen Virus oder unerwünschtes Programm 'Java/Lamar.sgf.27' [virus].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5d3f27de.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\27dd6a64-5fa4 977d'
  enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2013-1493.A.506' [exploit].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '17835295.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe'
  enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3402302b.qua' verschoben!

09.02.2014 14:57 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\19e5f914-7b23 6452'
  enthielt einen Virus oder unerwünschtes Programm 'Java/Lamar.dhv.9' [virus].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '71b31d55.qua' verschoben!

08.02.2014 18:45 [System-Scanner] Malware gefunden
  Die Datei 'C:\Users\Fabian\AppData\Local\Temp\ICReinstall_MusicConverterSetup.exe'
  enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7' [adware].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5a2ff90f.qua' verschoben!

08.02.2014 18:44 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Users\Fabian\AppData\Local\Temp\ICReinstall_MusicConverterSetup.exe'
  wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7' [adware] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

08.02.2014 18:44 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Users\Fabian\AppData\Local\Temp\ICReinstall_MusicConverterSetup.exe'
  wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7' [adware] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

08.02.2014 18:43 [System-Scanner] Malware gefunden
  Die Datei 'C:\Program Files (x86)\LyricsPal\Lyrics.exe'
  enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5b50fd9e.qua' verschoben!

08.02.2014 18:42 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Program Files (x86)\LyricsPal\Lyrics.exe'
  wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

08.02.2014 18:41 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Program Files (x86)\LyricsPal\Lyrics.exe'
  wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

15.01.2014 21:59 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Program Files (x86)\LyricsPal\Lyrics.exe'
  wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Fabian :: FABIAN-PC [Administrator]

12.02.2014 17:28:03
MBAM-log-2014-02-12 (18-52-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 446024
Laufzeit: 1 Stunde(n), 18 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5526d33c-7120-4326-9097-defcbdfa0dbc} (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\LyricsPal (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 26
C:\Users\Fabian\AppData\Local\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\CKYWCeKK.exe.part (PUP.Optional.Somoto) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\DeltaTB.exe (PUP.Optional.DeltaTB) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\dp.exe (PUP.Optional.DealPly.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\HEpFyhZs.exe.part (PUP.Optional.Somoto) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\IminentSetup.exe (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\_6hZbpcp.exe.part (PUP.Optional.Tuguu) -> Keine Aktion durchgeführt.
C:\Users\Fabian\AppData\Local\Temp\OCS\Downloads\705f49176579a643660bff5ff6ae3956\3674eca8030cd1cd539084cf3ebbac8c\YTD3.9.6.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Desktop\DVDShrink_downloader_by_DVDShrink.exe (PUP.Optional.Somoto) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Desktop\Windows7 Treiber für Dell Inspiron1525\Treiber Inspiron 1525 Windows 7\USB\ricoh_r5c83x_84x_driver_v2140005_id868899id.exe (PUP.Adware.MediaGet) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\FreeVideoToMP3Converter.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\Player-Firefox(1).exe (PUP.Optional.OptimumInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\Player-Firefox.exe (PUP.Optional.OptimumInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\Setup(1).exe (PUP.Optional.Tuguu) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\Updater_Setup(1).exe (PUP.Optional.OptimumInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Fabian\Downloads\Updater_Setup.exe (PUP.Optional.OptimumInstaller.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Lyrics-Pal Update.job (PUP.Optional.Lyrics.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\01.crx (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\01a.xpi (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\133.crx (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\133.dat (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\133.xpi (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\sqlite3.dll (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsPal\Uninstall.exe (PUP.Optional.LyricsPal.A) -> Keine Aktion durchgeführt.

(Ende)

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:43 on 13/02/2014 (Fabian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01
Ran by Fabian (administrator) on FABIAN-PC on 13-02-2014 09:46:59
Running from C:\Users\Fabian\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files\ProgDVB\ProgDVBService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
() C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Dropbox, Inc.) C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [425984 2008-02-15] (IDT, Inc.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3832064 2009-09-11] (O&O Software GmbH)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-686489922-4127905493-3137270334-1000\...\Run: [] - [X]
HKU\S-1-5-21-686489922-4127905493-3137270334-1000\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-686489922-4127905493-3137270334-1000\...\Run: [Amazon Cloud Player] - C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-686489922-4127905493-3137270334-1000\...\Run: [Mozilla] - C:\Users\Fabian\AppData\Roaming\Mozilla.vbs [9694 2013-10-06] ()
Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla.vbs ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x02EC7B611FC4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 62.109.121.1 192.168.0.1 Tcpip\..\Interfaces\{0D91560E-2D71-4AA6-91B7-32E262F11FA2}: [NameServer]62.109.121.1 62.109.121.2 FireFox: ======== FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default FF user.js: detected! => C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\user.js FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.0.13 - C:\Users\Fabian\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies) FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FireJump - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\firejump@firejump.net [2013-05-22] FF Extension: Xmarks - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\foxmarks@kei.com [2013-05-21] FF Extension: Spartipps von SparPilot.com - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\sparpilot@sparpilot.com [2013-05-22] FF Extension: DownloadHelper - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-09-08] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20] FF Extension: Adblock Plus - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-09] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-07-25] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-11-23] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common 
Files\DVDVideoSoft\plugins\ff\ FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-22] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-07-25] FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\extensions\sparpilot@sparpilot.com FF Extension: Spartipps von SparPilot.com - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\extensions\sparpilot@sparpilot.com [2013-05-22] FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\extensions\firejump@firejump.net FF Extension: FireJump - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\z7vcumd7.default\extensions\firejump@firejump.net [2013-05-22] FF HKCU\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi FF Extension: Lyrics-Pal - C:\Program Files (x86)\LyricsPal\133.xpi [2013-09-12] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] ==================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe [86016 2007-09-20] (Andrea 
Electronics Corporation) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-17] (Avira Operations GmbH & Co. KG) R2 FreemiumSystemStoreService; C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-07] () R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-11] (O&O Software GmbH) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 ProgDVBService; C:\Program Files\ProgDVB\ProgDVBService.exe [60840 2013-01-28] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe [122880 2008-02-15] (IDT, Inc.) S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake Video Downloader\CaptureLib\CaptureLibService.exe" [X] ==================== Drivers (Whitelisted) ==================== S3 AVerBDA6x_x64; C:\Windows\System32\DRIVERS\AVerBDA716x_x64.sys [1354880 2009-06-05] (AVerMedia TECHNOLOGIES, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 OEM02Dev; C:\Windows\System32\DRIVERS\OEM02Dev.sys [266624 2007-10-10] (Creative Technology Ltd.) 
R3 OEM02Vfx; C:\Windows\System32\DRIVERS\OEM02Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.) R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-13 09:46 - 2014-02-13 09:47 - 00018953 _____ () C:\Users\Fabian\Desktop\FRST.txt 2014-02-13 09:46 - 2014-02-13 09:46 - 00000000 ____D () C:\FRST 2014-02-13 09:45 - 2014-02-13 09:45 - 02152448 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe 2014-02-13 09:43 - 2014-02-13 09:43 - 00000474 _____ () C:\Users\Fabian\Desktop\defogger_disable.log 2014-02-13 09:43 - 2014-02-13 09:43 - 00000000 _____ () C:\Users\Fabian\defogger_reenable 2014-02-13 09:41 - 2014-02-13 09:41 - 00050477 _____ () C:\Users\Fabian\Desktop\Defogger.exe 2014-02-12 21:12 - 2014-02-12 21:12 - 00000000 ____D () C:\Users\Fabian\Desktop\Lehrprobe_Bilder 2014-02-12 17:27 - 2014-02-12 17:27 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Malwarebytes 2014-02-12 17:26 - 2014-02-12 17:26 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-12 17:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-12 17:24 - 2014-02-12 17:24 - 00614792 _____ (Chip Digital GmbH) C:\Users\Fabian\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-02-11 14:17 - 2014-02-11 14:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf272b92e7b791.job 2014-02-08 19:23 - 
2014-02-08 19:23 - 00003188 _____ () C:\Users\Fabian\Downloads\Drivers.txt
2014-02-08 19:12 - 2014-02-08 19:12 - 00000000 ____D () C:\Users\Fabian\Desktop\PPFScanner Scanfiles 20140208_18_35_20_929_1
2014-02-08 18:31 - 2014-02-08 18:31 - 00000000 ____D () C:\Users\Fabian\Desktop\ppfs
2014-02-08 18:29 - 2014-02-08 18:30 - 07873813 _____ () C:\Users\Fabian\Downloads\PPFScan.zip
2014-02-08 18:14 - 2013-10-06 18:07 - 00009694 ___SH () C:\Users\Fabian\AppData\Roaming\Mozilla.vbs
2014-02-08 18:10 - 2014-02-08 18:40 - 1569118568 _____ () C:\Users\Fabian\Downloads\Dialog_mit_meinem_Gaertner_14.01.30_22-25_3sat_100_TVOON_DE.mpg.HD.avi.otrkey
2014-02-08 18:10 - 2014-02-08 18:10 - 00030192 _____ () C:\Users\Fabian\Downloads\Dialog_mit_meinem_Gaertner_14.01.30_22-25_3sat_100_TVOON_DE.mpg.HD.avi.otrkey.torrent
2014-02-08 16:20 - 2014-02-08 16:20 - 00139104 _____ () C:\Users\Fabian\Downloads\setup.exe
2014-02-08 16:03 - 2014-02-08 16:03 - 01691944 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Updater_Setup(1).exe
2014-02-08 16:02 - 2014-02-08 16:02 - 01691944 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Updater_Setup.exe
2014-02-06 15:52 - 2014-02-06 16:07 - 606657056 _____ () C:\Users\Fabian\Downloads\Wildes_Nairobi_Wo_Leoparden_durch_Gaerten_schleichen_14.02.05_20-15_3sat_45_TVOON_DE.mpg.avi.otrkey
2014-02-05 17:19 - 2014-02-05 17:39 - 793518412 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.02.04_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-02-04 16:12 - 2014-02-04 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-30 19:57 - 2014-01-30 20:18 - 839609300 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.28_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-30 15:27 - 2014-01-30 15:27 - 00996352 _____ () C:\Users\Fabian\Downloads\kap_4_geometrie.ppt
2014-01-29 21:24 - 2014-01-29 21:54 - 1177265194 _____ () C:\Users\Fabian\Downloads\Wild_Things_14.01.09_22-10_kabel1_130_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-28 20:15 - 2014-01-28 20:38 - 777278040 _____ () C:\Users\Fabian\Downloads\Terra_X_14.01.26_19-30_zdf_45_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-28 19:32 - 2014-01-28 20:11 - 1482697378 _____ () C:\Users\Fabian\Downloads\Die_Grauzone_14.01.27_23-10_3sat_105_TVOON_DE.mpg.HD.avi.otrkey
2014-01-27 18:47 - 2014-01-27 19:14 - 1073993208 _____ () C:\Users\Fabian\Downloads\Umstaendlich_verliebt_14.01.26_20-15_pro7_135_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-27 18:19 - 2014-01-27 18:45 - 985341178 _____ () C:\Users\Fabian\Downloads\Source_Code_14.01.26_20-15_rtl_105_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-26 18:27 - 2014-01-26 19:08 - 1600083292 _____ () C:\Users\Fabian\Downloads\Und_taeglich_gruesst_das_Murmeltier_14.01.24_20-15_zdfneo_105_TVOON_DE.mpg.HD.avi.otrkey
2014-01-26 17:29 - 2014-01-26 18:25 - 2183184932 _____ () C:\Users\Fabian\Downloads\Speed_Auf_der_Suche_nach_der_verlorenen_Zeit_14.01.22_20-15_arte_95_TVOON_DE.mpg.HD.avi.otrkey
2014-01-25 15:59 - 2014-01-25 15:59 - 01659688 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Player-Firefox(1).exe
2014-01-25 15:42 - 2014-01-25 15:42 - 01659688 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Player-Firefox.exe
2014-01-22 20:59 - 2014-01-22 21:00 - 919955132 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.21_20-15_vox_60_TVOON_DE.mpg.HQ.avi
2014-01-22 20:17 - 2014-01-22 20:46 - 919955654 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.21_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-22 15:11 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 15:11 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-22 15:11 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-22 15:11 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-22 15:10 - 2014-01-22 15:11 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 16:15 - 2014-01-21 17:07 - 2057580902 _____ () C:\Users\Fabian\Downloads\Besser_geht_s_nicht_14.01.20_23-15_ndr_130_TVOON_DE.mpg.HD.avi.otrkey
2014-01-21 13:53 - 2014-01-21 14:27 - 1343516246 _____ () C:\Users\Fabian\Downloads\The_Fog_Nebel_des_Grauens_14.01.20_22-15_arte_90_TVOON_DE.mpg.HD.avi.otrkey
2014-01-21 13:03 - 2014-01-21 13:45 - 1631571240 _____ () C:\Users\Fabian\Downloads\Nichts_fuer_Feiglinge_14.01.10_20-15_ard_90_TVOON_DE.mpg.HD.avi.otrkey
2014-01-19 14:43 - 2014-01-19 14:43 - 00018136 _____ () C:\Users\Fabian\Downloads\88f169fcda95a01c309a3d4935b99fa9.jpeg
2014-01-19 14:20 - 2014-01-19 14:20 - 00051046 _____ () C:\Users\Fabian\Downloads\cd_cover_dot.zip
2014-01-19 14:07 - 2014-01-19 14:07 - 00001214 _____ () C:\Users\Fabian\Desktop\Amazon Cloud Player.lnk
2014-01-19 14:07 - 2014-01-19 14:07 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-19 14:07 - 2014-01-19 14:07 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Amazon Cloud Player
2014-01-19 14:06 - 2014-01-19 14:07 - 36160080 _____ (Amazon) C:\Users\Fabian\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-19 13:59 - 2014-01-19 14:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Amazon
2014-01-19 13:57 - 2014-01-19 14:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-01-19 13:57 - 2014-01-19 13:57 - 02328864 _____ () C:\Users\Fabian\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2014-01-19 13:57 - 2014-01-19 13:57 - 00000000 ____D () C:\Users\Fabian\Documents\Amazon MP3
2014-01-18 18:31 - 2014-01-18 18:31 - 00021186 _____ () C:\Users\Fabian\Downloads\Grundwortschatz Bayern 3__4_ Klasse(2).zip
2014-01-17 16:41 - 2014-01-17 16:44 - 36759539 _____ () C:\Users\Fabian\Downloads\win-installer-415.exe
2014-01-17 16:35 - 2014-01-17 17:08 - 1231497446 _____ () C:\Users\Fabian\Downloads\Hot_Shots_2__Der_2__Versuch_14.01.16_22-10_kabel1_110_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-17 15:47 - 2014-01-17 16:15 - 1087572086 _____ () C:\Users\Fabian\Downloads\Hot_Shots_Die_Mutter_aller_Filme_14.01.16_20-15_kabel1_115_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-16 17:57 - 2014-01-16 18:42 - 1745482030 _____ () C:\Users\Fabian\Downloads\Poltergeist_14.01.13_21-50_arte_115_TVOON_DE.mpg.HD.avi.otrkey
2014-01-16 17:25 - 2014-01-16 17:47 - 833519788 _____ () C:\Users\Fabian\Downloads\Frozen_Eiskalter_Abgrund_14.01.13_00-20_pro7_100_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-15 21:57 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 21:57 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 21:57 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 21:57 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 20:27 - 2014-01-15 21:09 - 1625030776 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.14_20-15_vox_120_TVOON_DE.mpg.HQ.avi.otrkey

==================== One Month Modified Files and Folders =======

2014-02-13 09:47 - 2014-02-13 09:46 - 00018953 _____ () C:\Users\Fabian\Desktop\FRST.txt
2014-02-13 09:47 - 2013-05-21 17:58 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Free Download Manager
2014-02-13 09:46 - 2014-02-13 09:46 - 00000000 ____D () C:\FRST
2014-02-13 09:45 - 2014-02-13 09:45 - 02152448 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2014-02-13 09:43 - 2014-02-13 09:43 - 00000474 _____ () C:\Users\Fabian\Desktop\defogger_disable.log
2014-02-13 09:43 - 2014-02-13 09:43 - 00000000 _____ () C:\Users\Fabian\defogger_reenable
2014-02-13 09:43 - 2012-07-20 20:22 - 00000000 ____D () C:\Users\Fabian
2014-02-13 09:41 - 2014-02-13 09:41 - 00050477 _____ () C:\Users\Fabian\Desktop\Defogger.exe
2014-02-13 09:32 - 2012-07-24 22:47 - 00000000 ____D () C:\Users\Fabian\Documents\Outlook-Dateien
2014-02-13 09:12 - 2012-07-20 22:29 - 00697506 _____ () C:\Windows\system32\perfh007.dat
2014-02-13 09:12 - 2012-07-20 22:29 - 00149442 _____ () C:\Windows\system32\perfc007.dat
2014-02-13 09:12 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 09:01 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-13 09:01 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-13 09:00 - 2012-07-20 20:15 - 02090928 _____ () C:\Windows\WindowsUpdate.log
2014-02-13 08:58 - 2013-03-15 15:05 - 00000000 ___RD () C:\Users\Fabian\Dropbox
2014-02-13 08:58 - 2013-03-15 15:01 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Dropbox
2014-02-13 08:55 - 2012-07-21 00:41 - 01298968 _____ () C:\Windows\system32\oodbs.lor
2014-02-13 08:55 - 2009-07-14 05:51 - 00124551 _____ () C:\Windows\setupact.log
2014-02-12 21:12 - 2014-02-12 21:12 - 00000000 ____D () C:\Users\Fabian\Desktop\Lehrprobe_Bilder
2014-02-12 17:27 - 2014-02-12 17:27 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Malwarebytes
2014-02-12 17:26 - 2014-02-12 17:26 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 17:24 - 2014-02-12 17:24 - 00614792 _____ (Chip Digital GmbH) C:\Users\Fabian\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-02-11 14:32 - 2013-01-10 23:43 - 00000000 ____D () C:\Users\Fabian\Desktop\BBZ_Sicherungen
2014-02-11 14:17 - 2014-02-11 14:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf272b92e7b791.job
2014-02-08 19:23 - 2014-02-08 19:23 - 00003188 _____ () C:\Users\Fabian\Downloads\Drivers.txt
2014-02-08 19:12 - 2014-02-08 19:12 - 00000000 ____D () C:\Users\Fabian\Desktop\PPFScanner Scanfiles 20140208_18_35_20_929_1
2014-02-08 18:43 - 2013-09-12 13:39 - 00000000 ____D () C:\Program Files (x86)\LyricsPal
2014-02-08 18:40 - 2014-02-08 18:10 - 1569118568 _____ () C:\Users\Fabian\Downloads\Dialog_mit_meinem_Gaertner_14.01.30_22-25_3sat_100_TVOON_DE.mpg.HD.avi.otrkey
2014-02-08 18:31 - 2014-02-08 18:31 - 00000000 ____D () C:\Users\Fabian\Desktop\ppfs
2014-02-08 18:30 - 2014-02-08 18:29 - 07873813 _____ () C:\Users\Fabian\Downloads\PPFScan.zip
2014-02-08 18:14 - 2012-07-20 20:24 - 00000000 ___RD () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-08 18:10 - 2014-02-08 18:10 - 00030192 _____ () C:\Users\Fabian\Downloads\Dialog_mit_meinem_Gaertner_14.01.30_22-25_3sat_100_TVOON_DE.mpg.HD.avi.otrkey.torrent
2014-02-08 16:20 - 2014-02-08 16:20 - 00139104 _____ () C:\Users\Fabian\Downloads\setup.exe
2014-02-08 16:10 - 2012-07-23 11:00 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\vlc
2014-02-08 16:03 - 2014-02-08 16:03 - 01691944 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Updater_Setup(1).exe
2014-02-08 16:02 - 2014-02-08 16:02 - 01691944 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Updater_Setup.exe
2014-02-08 14:12 - 2013-02-21 17:51 - 00000000 ____D () C:\Users\Fabian\AppData\Local\ColdCut
2014-02-08 14:10 - 2013-02-21 18:29 - 00036864 _____ () C:\Users\Fabian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-06 16:07 - 2014-02-06 15:52 - 606657056 _____ () C:\Users\Fabian\Downloads\Wildes_Nairobi_Wo_Leoparden_durch_Gaerten_schleichen_14.02.05_20-15_3sat_45_TVOON_DE.mpg.avi.otrkey
2014-02-06 13:41 - 2012-07-23 19:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-05 17:39 - 2014-02-05 17:19 - 793518412 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.02.04_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-02-04 16:12 - 2014-02-04 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-02 12:56 - 2013-04-27 18:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Audacity
2014-01-31 16:48 - 2012-09-18 12:56 - 00000000 ____D () C:\Users\Fabian\Desktop\Unterrichtsvorbereitung 1
2014-01-30 20:18 - 2014-01-30 19:57 - 839609300 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.28_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-30 15:27 - 2014-01-30 15:27 - 00996352 _____ () C:\Users\Fabian\Downloads\kap_4_geometrie.ppt
2014-01-29 21:54 - 2014-01-29 21:24 - 1177265194 _____ () C:\Users\Fabian\Downloads\Wild_Things_14.01.09_22-10_kabel1_130_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-28 20:38 - 2014-01-28 20:15 - 777278040 _____ () C:\Users\Fabian\Downloads\Terra_X_14.01.26_19-30_zdf_45_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-28 20:11 - 2014-01-28 19:32 - 1482697378 _____ () C:\Users\Fabian\Downloads\Die_Grauzone_14.01.27_23-10_3sat_105_TVOON_DE.mpg.HD.avi.otrkey
2014-01-27 19:14 - 2014-01-27 18:47 - 1073993208 _____ () C:\Users\Fabian\Downloads\Umstaendlich_verliebt_14.01.26_20-15_pro7_135_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-27 18:45 - 2014-01-27 18:19 - 985341178 _____ () C:\Users\Fabian\Downloads\Source_Code_14.01.26_20-15_rtl_105_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-26 19:08 - 2014-01-26 18:27 - 1600083292 _____ () C:\Users\Fabian\Downloads\Und_taeglich_gruesst_das_Murmeltier_14.01.24_20-15_zdfneo_105_TVOON_DE.mpg.HD.avi.otrkey
2014-01-26 18:25 - 2014-01-26 17:29 - 2183184932 _____ () C:\Users\Fabian\Downloads\Speed_Auf_der_Suche_nach_der_verlorenen_Zeit_14.01.22_20-15_arte_95_TVOON_DE.mpg.HD.avi.otrkey
2014-01-25 15:59 - 2014-01-25 15:59 - 01659688 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Player-Firefox(1).exe
2014-01-25 15:42 - 2014-01-25 15:42 - 01659688 _____ (Premium Installer ) C:\Users\Fabian\Downloads\Player-Firefox.exe
2014-01-25 13:13 - 2012-08-03 13:36 - 00000000 ____D () C:\Users\Fabian\Documents\Eigene Scans
2014-01-22 21:00 - 2014-01-22 20:59 - 919955132 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.21_20-15_vox_60_TVOON_DE.mpg.HQ.avi
2014-01-22 20:46 - 2014-01-22 20:17 - 919955654 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.21_20-15_vox_60_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-22 15:11 - 2014-01-22 15:10 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 15:11 - 2013-10-21 14:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-22 15:11 - 2013-06-22 13:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-21 17:07 - 2014-01-21 16:15 - 2057580902 _____ () C:\Users\Fabian\Downloads\Besser_geht_s_nicht_14.01.20_23-15_ndr_130_TVOON_DE.mpg.HD.avi.otrkey
2014-01-21 14:27 - 2014-01-21 13:53 - 1343516246 _____ () C:\Users\Fabian\Downloads\The_Fog_Nebel_des_Grauens_14.01.20_22-15_arte_90_TVOON_DE.mpg.HD.avi.otrkey
2014-01-21 13:45 - 2014-01-21 13:03 - 1631571240 _____ () C:\Users\Fabian\Downloads\Nichts_fuer_Feiglinge_14.01.10_20-15_ard_90_TVOON_DE.mpg.HD.avi.otrkey
2014-01-19 15:22 - 2013-05-21 22:43 - 00000000 ____D () C:\Users\Fabian\Documents\CD Cover_Karten
2014-01-19 14:43 - 2014-01-19 14:43 - 00018136 _____ () C:\Users\Fabian\Downloads\88f169fcda95a01c309a3d4935b99fa9.jpeg
2014-01-19 14:20 - 2014-01-19 14:20 - 00051046 _____ () C:\Users\Fabian\Downloads\cd_cover_dot.zip
2014-01-19 14:07 - 2014-01-19 14:07 - 00001214 _____ () C:\Users\Fabian\Desktop\Amazon Cloud Player.lnk
2014-01-19 14:07 - 2014-01-19 14:07 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-19 14:07 - 2014-01-19 14:07 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Amazon Cloud Player
2014-01-19 14:07 - 2014-01-19 14:06 - 36160080 _____ (Amazon) C:\Users\Fabian\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-19 14:06 - 2014-01-19 13:59 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Amazon
2014-01-19 14:06 - 2014-01-19 13:57 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-01-19 13:57 - 2014-01-19 13:57 - 02328864 _____ () C:\Users\Fabian\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2014-01-19 13:57 - 2014-01-19 13:57 - 00000000 ____D () C:\Users\Fabian\Documents\Amazon MP3
2014-01-18 18:31 - 2014-01-18 18:31 - 00021186 _____ () C:\Users\Fabian\Downloads\Grundwortschatz Bayern 3__4_ Klasse(2).zip
2014-01-18 12:36 - 2014-01-03 13:38 - 00001439 _____ () C:\Users\Fabian\Desktop\BBZ.lnk
2014-01-18 12:36 - 2014-01-03 13:38 - 00000000 ____D () C:\Users\Fabian\Desktop\BBZ
2014-01-17 17:08 - 2014-01-17 16:35 - 1231497446 _____ () C:\Users\Fabian\Downloads\Hot_Shots_2__Der_2__Versuch_14.01.16_22-10_kabel1_110_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-17 16:44 - 2014-01-17 16:41 - 36759539 _____ () C:\Users\Fabian\Downloads\win-installer-415.exe
2014-01-17 16:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-01-17 16:15 - 2014-01-17 15:47 - 1087572086 _____ () C:\Users\Fabian\Downloads\Hot_Shots_Die_Mutter_aller_Filme_14.01.16_20-15_kabel1_115_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-16 18:42 - 2014-01-16 17:57 - 1745482030 _____ () C:\Users\Fabian\Downloads\Poltergeist_14.01.13_21-50_arte_115_TVOON_DE.mpg.HD.avi.otrkey
2014-01-16 17:47 - 2014-01-16 17:25 - 833519788 _____ () C:\Users\Fabian\Downloads\Frozen_Eiskalter_Abgrund_14.01.13_00-20_pro7_100_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-16 16:01 - 2013-03-15 15:02 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 22:35 - 2009-07-14 05:45 - 00443568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:05 - 2013-07-18 20:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 21:57 - 2012-07-20 20:55 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 21:09 - 2014-01-15 20:27 - 1625030776 _____ () C:\Users\Fabian\Downloads\Real_Cool_Runnings_Von_Kenia_aufs_Eis_14.01.14_20-15_vox_120_TVOON_DE.mpg.HQ.avi.otrkey
2014-01-15 17:05 - 2012-09-05 10:56 - 00000000 ____D () C:\Users\Fabian\Desktop\Fotos

Some content of TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Fabian\AppData\Local\Temp\AskSLib.dll
C:\Users\Fabian\AppData\Local\Temp\avgnt.exe
C:\Users\Fabian\AppData\Local\Temp\DeltaTB.exe
C:\Users\Fabian\AppData\Local\Temp\DivXSetup.exe
C:\Users\Fabian\AppData\Local\Temp\dp.exe
C:\Users\Fabian\AppData\Local\Temp\dvdshrink32setup.exe
C:\Users\Fabian\AppData\Local\Temp\EasyDownLightfp.exe
C:\Users\Fabian\AppData\Local\Temp\EasyDownLightrtd.exe
C:\Users\Fabian\AppData\Local\Temp\FreemakeVideoDownloader_3.1.0.2.exe
C:\Users\Fabian\AppData\Local\Temp\IminentSetup.exe
C:\Users\Fabian\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Fabian\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Fabian\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Fabian\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Fabian\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Fabian\AppData\Local\Temp\ose00000.exe
C:\Users\Fabian\AppData\Local\Temp\ose00001.exe
C:\Users\Fabian\AppData\Local\Temp\ripsetup.exe
C:\Users\Fabian\AppData\Local\Temp\TubeBoxSetup.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Fabian\AppData\Local\Temp\vlc-2.1.2-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-11 08:17

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 01
Ran by Fabian at 2014-02-13 09:47:48
Running from C:\Users\Fabian\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ABC Amber Nokia Converter (x32 Version: - )
ACE Stream Media 2.0.13 (HKCU Version: 2.0.13 - ACE Stream Media)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKCU Version: 2.3.0.422 - Amazon Services LLC)
Any Video Converter 3.5.1 (x32 Version: - Any-Video-Converter.com)
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (x32 Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (x32 Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Audacity 2.0.3 (x32 Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AviSynth 2.6 (x32 Version: 2.6.0.2 - GPL Public release.)
AvsP (x32 Version: - )
BBZ (x32 Version: 4.15 - iKuH-Software)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
C5200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
C5200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
CdCoverCreator 2.5.3 (x32 Version: 2.5.3 - thyanté Software)
ColdCut (x32 Version: ColdCut - © Jan Brummelte)
Compiled Driver Disc (Full) 1.0 (Version: 1.0.4.0 - COMPELSON Labs)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
Desktop Icon für Amazon (Version: 1.0.1 (de) - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
dradio-Recorder Version 3.02.6 (x32 Version: - )
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DVD Shrink 3.2 (x32 Version: - DVD Shrink)
DVD slideshow GUI 0.9.5.4 (x32 Version: 0.9.5.4 - Tin2tin)
Express Rip (x32 Version: 1.94 - NCH Software)
FastStone Image Viewer 4.6 (x32 Version: 4.6 - FastStone Soft)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow [rev 2946] [2009-05-15] (x32 Version: 1.0 - )
FireJump (x32 Version: 1.0.2.7 - FireJump.net)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Download Manager 3.9.2 (x32 Version: - FreeDownloadManager.ORG)
Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.29.925 (x32 Version: 5.0.29.925 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.0.128 (x32 Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GUI for dvdauthor 1.07 (x32 Version: 1.07 - Boraxsoft)
Haali Media Splitter (x32 Version: - )
Helix YUV Codecs (remove only) (x32 Version: - )
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (Version: 4.51 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Update (x32 Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (x32 Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 21 (64-bit) (Version: 7.0.210 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAME v3.99.3 (for Windows) (x32 Version: - )
Laptop Integrated Webcam Driver (1.04.01.1011) (Version: - )
Lyrics-Pal (x32 Version: - LyricsPal Soft. LTD) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
mkv2vob (x32 Version: 2.4.9 - 3r1c)
MOBILedit! Support Libraries (x32 Version: 4.0.0 - COMPELSON Labs)
MOBILedit! ver. 6.9.0.2876 (x32 Version: 6.9.0.2876 - COMPELSON Labs)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MP3jam 1.1.0.12 (x32 Version: 1.1.0.12 - MP3jam)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20900 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.01100 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10001 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (x32 Version: 3.8.30.0 - Nokia)
Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden
O&O Defrag Professional (Version: 12.0.197 - O&O Software GmbH)
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
PC Connectivity Solution (x32 Version: 12.0.109.0 - Nokia)
PDF Architect (x32 Version: 1.0.41.8362 - pdfforge)
PDF Split And Merge Basic (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (x32 Version: 1.6.0 - Frank Heindörfer, Philip Chinery)
PDF-to-Word 3.1 Demo (x32 Version: - )
Phone Drivers Downloader 1.1 (Version: 1.1.0.0 - COMPELSON Labs)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
ProgDVB x64 (Version: 6.9x - Prog)
PS_AIO_02_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RICOH R5C83x/84x Media Driver Ver.3.53.02 (x32 Version: 3.53.02 - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shop for HP Supplies (Version: 13.0 - HP)
SigmaTel Audio (x32 Version: 5.10.5210.0 - SigmaTel)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SopCast 3.5.0 (x32 Version: 3.5.0 - www.sopcast.com)
SparPilot (x32 Version: 2.0.9 - SparPilot.com)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
System Checkup 3.4 (x32 Version: 3.4.0.53 - iolo technologies, LLC)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vereinfachte Ausgangsschrift (x32 Version: - )
VideoPad Videobearbeitungs-Software (x32 Version: - NCH Software)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (x32 Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies)
XMedia Recode Version 3.1.6.4 (x32 Version: 3.1.6.4 - XMedia Recode)
Zattoo4 4.0.5 (x32 Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00A2C092-7498-43F4-9A08-42B076FEA486} - System32\Tasks\NCH Software\ExpressRipDowngrade => C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe [2013-07-18] (NCH Software)
Task: {18DF7539-FB2F-4110-A0F1-F862B79A8D4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {35779821-663F-4B61-AA97-B680442A9704} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5797959A-ECC0-4765-A7A9-75D9647D2AC8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {95DA144F-55F4-4958-8560-510364CB6168} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {B220F13F-3AF5-4E87-9758-3F02C0777773} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe <==== ATTENTION
Task: {DCDBB6D4-4FA7-43BD-914E-E2CE333F4036} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf272b92e7b791.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-19 14:07 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-08-05 11:21 - 2013-08-05 11:16 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-09-07 00:05 - 2012-09-07 00:05 - 07244800 _____ () C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Fabian\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-04 16:12 - 2014-02-04 16:12 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-15 20:27 - 2014-01-15 20:27 - 00283648 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff22.dll
2013-05-21 17:54 - 2013-01-11 02:17 - 00105984 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-21 17:54 - 2013-01-11 02:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: dradio-RecorderTimer => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2014 04:01:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: STacSV64.exe, Version: 1.0.5866.0, Zeitstempel: 0x47b615ae
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000280e
ID des fehlerhaften Prozesses: 0x9a8
Startzeit der fehlerhaften Anwendung: 0xSTacSV64.exe0
Pfad der fehlerhaften Anwendung: STacSV64.exe1
Pfad des fehlerhaften Moduls: STacSV64.exe2
Berichtskennung: STacSV64.exe3

Error: (02/03/2014 03:35:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MP3jam.exe, Version: 1.1.0.12, Zeitstempel: 0x5215af32
Name des fehlerhaften Moduls: bass.dll, Version: 2.4.10.0, Zeitstempel: 0x511f8348
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004e08
ID des fehlerhaften Prozesses: 0x9fc
Startzeit der fehlerhaften Anwendung: 0xMP3jam.exe0
Pfad der fehlerhaften Anwendung: MP3jam.exe1
Pfad des fehlerhaften Moduls: MP3jam.exe2
Berichtskennung: MP3jam.exe3

Error: (02/03/2014 03:35:03 PM) (Source: .NET Runtime) (User: )
Description: Application: MP3jam.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURLUnicode(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURL(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_c(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_b(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_a(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.Initialize(System.String, mp3jamapp.Downloader.Playback.MediaType, Boolean)
   at mp3jamapp.Downloader.Playback.BaseContentPlayer.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.PlayerSelector.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.TrackPlayer.eval_a(System.Object, SafeWaiter, Boolean ByRef)
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.DelegatedWaitingTask.Execute()
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.SequentalTaskManager.eval_c()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (02/03/2014 03:34:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MP3jam.exe, Version: 1.1.0.12, Zeitstempel: 0x5215af32
Name des fehlerhaften Moduls: bass.dll, Version: 2.4.10.0, Zeitstempel: 0x511f8348
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004e08
ID des fehlerhaften Prozesses: 0x138c
Startzeit der fehlerhaften Anwendung: 0xMP3jam.exe0
Pfad der fehlerhaften Anwendung: MP3jam.exe1
Pfad des fehlerhaften Moduls: MP3jam.exe2
Berichtskennung: MP3jam.exe3

Error: (02/03/2014 03:34:16 PM) (Source: .NET Runtime) (User: )
Description: Application: MP3jam.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURLUnicode(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURL(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_c(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_b(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_a(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.Initialize(System.String, mp3jamapp.Downloader.Playback.MediaType, Boolean)
   at mp3jamapp.Downloader.Playback.BaseContentPlayer.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.PlayerSelector.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.TrackPlayer.eval_a(System.Object, SafeWaiter, Boolean ByRef)
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.DelegatedWaitingTask.Execute()
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.SequentalTaskManager.eval_c()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (01/28/2014 08:30:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: qotr.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7aa48d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02848954
ID des fehlerhaften Prozesses: 0xcf4
Startzeit der fehlerhaften Anwendung: 0xqotr.exe0
Pfad der fehlerhaften Anwendung: qotr.exe1
Pfad des fehlerhaften Moduls: qotr.exe2
Berichtskennung: qotr.exe3

Error: (01/27/2014 07:37:30 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt.
Das Programm qotr.exe wurde wegen dieses Fehlers geschlossen.
Programm: qotr.exe
Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und
   - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
   - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.
Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (01/27/2014 07:37:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: qotr.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7aa48d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000096
Fehleroffset: 0x025388a4
ID des fehlerhaften Prozesses: 0x161c
Startzeit der fehlerhaften Anwendung: 0xqotr.exe0
Pfad der fehlerhaften Anwendung: qotr.exe1
Pfad des fehlerhaften Moduls: qotr.exe2
Berichtskennung: qotr.exe3

Error: (01/26/2014 11:19:12 AM) (Source: Application Hang) (User: )
Description: Programm fdm.exe, Version 3.9.1303.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1380
Startzeit: 01cf1a7ff37fbde6
Endzeit: 26
Anwendungspfad: C:\Program Files (x86)\Free Download Manager\fdm.exe
Berichts-ID: 3b435933-8673-11e3-9555-001d095f19e1

Error: (01/25/2014 05:34:56 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5e4
Startzeit: 01cf19db77417c80
Endzeit: 4243
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:

System errors:
=============
Error: (02/13/2014 08:55:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (02/12/2014 09:11:00 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:10:59 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.
Error: (02/12/2014 09:10:59 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:10:58 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:09:20 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:09:19 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:09:18 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 09:09:18 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19 gefunden.

Error: (02/12/2014 08:55:04 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR18 gefunden.

Microsoft Office Sessions:
=========================
Error: (02/10/2014 04:01:06 PM) (Source: Application Error)(User: )
Description: STacSV64.exe1.0.5866.047b615aemsvcrt.dll7.0.7601.177444eeb033fc0000005000000000000280e9a801cf2668bac6b523C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exeC:\Windows\system32\msvcrt.dll2a8ccad7-9264-11e3-be41-001d095f19e1

Error: (02/03/2014 03:35:03 PM) (Source: Application Error)(User: )
Description: MP3jam.exe1.1.0.125215af32bass.dll2.4.10.0511f8348c000000500004e089fc01cf20ed146f23c6C:\Program Files (x86)\MP3jam\MP3jam.exeC:\Program Files (x86)\MP3jam\bass.dll5da73c16-8ce0-11e3-9ad1-001d095f19e1

Error: (02/03/2014 03:35:03 PM) (Source: .NET Runtime)(User: )
Description: Application: MP3jam.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURLUnicode(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURL(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_c(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_b(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_a(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.Initialize(System.String, mp3jamapp.Downloader.Playback.MediaType, Boolean)
   at mp3jamapp.Downloader.Playback.BaseContentPlayer.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.PlayerSelector.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.TrackPlayer.eval_a(System.Object, SafeWaiter, Boolean ByRef)
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.DelegatedWaitingTask.Execute()
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.SequentalTaskManager.eval_c()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (02/03/2014 03:34:19 PM) (Source: Application Error)(User: )
Description: MP3jam.exe1.1.0.125215af32bass.dll2.4.10.0511f8348c000000500004e08138c01cf20ecc5ea0b82C:\Program Files (x86)\MP3jam\MP3jam.exeC:\Program Files (x86)\MP3jam\bass.dll438da3a0-8ce0-11e3-9ad1-001d095f19e1

Error: (02/03/2014 03:34:16 PM) (Source: .NET Runtime)(User: )
Description: Application: MP3jam.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURLUnicode(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at Un4seen.Bass.AddOn.Aac.BassAac.BASS_AAC_StreamCreateURL(System.String, Int32, Un4seen.Bass.BASSFlag, Un4seen.Bass.DOWNLOADPROC, IntPtr)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_c(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_b(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.eval_a(Int32)
   at mp3jamapp.Downloader.Playback.SleeperPlayer.Initialize(System.String, mp3jamapp.Downloader.Playback.MediaType, Boolean)
   at mp3jamapp.Downloader.Playback.BaseContentPlayer.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.PlayerSelector.Initialize(mp3jamapp.Downloader.PluginCommons.IContentInfo)
   at mp3jamapp.Downloader.Logic.Playback.TrackPlayer.eval_a(System.Object, SafeWaiter, Boolean ByRef)
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.DelegatedWaitingTask.Execute()
   at mp3jamapp.Miscellaneous.Tools.TaskManagement.SequentalTaskManager.eval_c()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (01/28/2014 08:30:03 PM) (Source: Application Error)(User: )
Description: qotr.exe0.0.0.04b7aa48dunknown0.0.0.000000000c000000502848954cf401cf1c5eff809f34C:\Users\Fabian\Desktop\qotrdecoder-win32-0.0.247-r1132\qotr.exeunknown95829d91-8852-11e3-ae49-001d095f19e1

Error: (01/27/2014 07:37:30 PM) (Source: Application Error)(User: )
Description: qotr.exe000000000

Error: (01/27/2014 07:37:30 PM) (Source: Application Error)(User: )
Description: qotr.exe0.0.0.04b7aa48dunknown0.0.0.000000000c0000096025388a4161c01cf1b8ea022772cC:\Users\Fabian\Desktop\qotrdecoder-win32-0.0.247-r1132\qotr.exeunknown13b30637-8782-11e3-bca1-001d095f19e1

Error: (01/26/2014 11:19:12 AM) (Source: Application Hang)(User: )
Description: fdm.exe3.9.1303.0138001cf1a7ff37fbde626C:\Program Files (x86)\Free Download Manager\fdm.exe3b435933-8673-11e3-9555-001d095f19e1

Error: (01/25/2014 05:34:56 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.50875e401cf19db77417c804243C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 4086.04 MB
Available physical RAM: 2243 MB
Total Pagefile: 8170.27 MB
Available Pagefile: 5992.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:30.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-13 10:29:55
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 WDC_WD2500BEVS-75UST0 rev.01.01A01 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Fabian\AppData\Local\Temp\uxdiipod.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002e07000 16 bytes [8B, E3, 41, 5F, 41, 5E, 41, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 545 fffff80002e07011 35 bytes {LEA ECX, [RSP+0x70]; CALL 0x3d64f}

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe[1612] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075251465 2 bytes [25, 75]
.text C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.exe[1612] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000752514bb 2 bytes [25, 75]
.text ... * 2
.text C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe[1552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075251465 2 bytes [25, 75]
.text C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe[1552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752514bb 2 bytes [25, 75]
.text ... * 2
.text C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe[3152] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075251465 2 bytes [25, 75]
.text C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe[3152] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000752514bb 2 bytes [25, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:2600] 000007fefe540168
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:3044] 000007fefb032a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:192] 000007feee5d4830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:4184] 000007fef8af5124
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:3564] 000007feee559d90
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:2164] 000007feee5d4830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3988:1388] 000007fefe540168

---- Processes - GMER 2.1 ----

Process C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (*** suspicious ***) @ C:\Users\Fabian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [1552](2014-01-19 13:07:36) 0000000001240000
Library C:\Users\Fabian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe [3152](2014-01-03 00:45:04) 0000000003c00000
Library C:\Users\Fabian\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe [3152](2013-10-18 23:55:02) 000000006d100000
Library C:\Users\Fabian\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe [3152] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00) 000000006c770000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@LastBootPlanUserTime ?Do?, ?Feb ?13 ?14, 08:57:31????????????X??????????????????????

---- EOF - GMER 2.1 ----

Regards