Log analysis and evaluation: Windows 8, 64-bit. Problems with Topic Torch / Wise Enhance

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: "First steps for getting help". Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 8, 64-bit. Problems with Topic Torch / Wise Enhance

Hello,

for a few days now I have had the problem that programs and browsers on the laptop are simply being closed. Either an error message then appears ("The program has stopped working") or it just closes without an error message. Yesterday I then noticed that while surfing there are suddenly two ad windows that were not there before. One is on the left edge; if you click on it, you get to the Topic Torch page, where you can then click "disable", after which nothing happens, however. If you click on the second ad window at the bottom edge, you get to the page Wise Enhance - Review.

I looked in the Google Chrome settings, but these extensions are not shown to me there. Nothing of them can be found in the Control Panel either. I then googled and downloaded and ran the Malwarebytes software. But the problem still persists. Then I discovered this forum and downloaded and ran all the things, but the GMER program does not start for me. It always says that another process is accessing it and it gets closed.

In case I have forgotten something, I apologize in advance.

Kind regards and many thanks in advance

FRST

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014 Ran by ******* (administrator) on *******LAPTOP on 30-04-2014 12:25:26 Running from C:\Users\*****\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\WINDOWS\system32\atiesrxx.exe (AMD) C:\WINDOWS\system32\atieclxx.exe (Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (Side Effects Software Inc.) C:\WINDOWS\system32\sesinetd.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (Side Effects Software Inc.) C:\WINDOWS\system32\hserver.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Protexis Inc.) 
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE (Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe () C:\Users\*******\Downloads\adwcleaner.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\*******\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated) HKLM\...\Run: [SEQLU] => C:\Program Files\EPSON_P2\Printer Software\SEQLUZ.EXE [950704 2012-11-16] (SEIKO EPSON CORPORATION) HKLM\...\Run: [SESMPSP] => C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE [459184 2012-11-16] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.) 
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare) HKU\S-1-5-21-298893599-2156876346-56307058-1002\...\Run: [Corel Photo Downloader] => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup HKU\S-1-5-21-298893599-2156876346-56307058-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Corel Photo Downloader] => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_18_ch&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCyEtB0FtAzytD0BtCtCtN0D0Tzu0SzzyDtDtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyzyyD0AyByCtAtGtAtB0B0FtG0FyE0D0EtGtA0A0D0FtGtAtD0BtBtDtD0A0AtB0AyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0CyDyByC0AzytGtCtD0A0DtGtAyDyC0DtG0EyByCtDtGtAzztCzztCzztC0FzztA0Czz2Q&cr=1290861712&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_18_ch&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCyEtB0FtAzytD0BtCtCtN0D0Tzu0SzzyDtDtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyzyyD0AyByCtAtGtAtB0B0FtG0FyE0D0EtGtA0A0D0FtGtAtD0BtBtDtD0A0AtB0AyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0CyDyByC0AzytGtCtD0A0DtGtAyDyC0DtG0EyByCtDtGtAzztCzztCzztC0FzztA0Czz2Q&cr=1290861712&ir= SearchScopes: HKLM - {2F0BA1A6-09CE-47C6-B10A-D1F1FCC65C43} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {2F0BA1A6-09CE-47C6-B10A-D1F1FCC65C43} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_18_ch&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCyEtB0FtAzytD0BtCtCtN0D0Tzu0SzzyDtDtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyzyyD0AyByCtAtGtAtB0B0FtG0FyE0D0EtGtA0A0D0FtGtAtD0BtBtDtD0A0AtB0AyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0CyDyByC0AzytGtCtD0A0DtGtAyDyC0DtG0EyByCtDtGtAzztCzztCzztC0FzztA0Czz2Q&cr=1290861712&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_18_ch&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCyEtB0FtAzytD0BtCtCtN0D0Tzu0SzzyDtDtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyzyyD0AyByCtAtGtAtB0B0FtG0FyE0D0EtGtA0A0D0FtGtAtD0BtBtDtD0A0AtB0AyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0CyDyByC0AzytGtCtD0A0DtGtAyDyC0DtG0EyByCtDtGtAzztCzztCzztC0FzztA0Czz2Q&cr=1290861712&ir= SearchScopes: HKCU - {2F0BA1A6-09CE-47C6-B10A-D1F1FCC65C43} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\bx12fuek.default FF user.js: detected! => C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\bx12fuek.default\user.js FF NetworkProxy: "autoconfig_url", 
"data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpM
atch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*'))%20%7B%20return%20'PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF SelectedSearchEngine: Mysearchdial FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\bx12fuek.default\Extensions\staged [2014-04-29] FF Extension: ProxMate - Proxy on steroids! - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\bx12fuek.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2014-01-14] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF [2014-01-04] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=dsites03_14_18_ch&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCyEtB0FtAzytD0BtCtCtN0D0Tzu0SzzyDtDtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyzyyD0AyByCtAtGtAtB0B0FtG0FyE0D0EtGtA0A0D0FtGtAtD0BtBtDtD0A0AtB0AyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0CyDyByC0AzytGtCtD0A0DtGtAyDyC0DtG0EyByCtDtGtAzztCzztCzztC0FzztA0Czz2Q&cr=1290861712&ir=" CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-04] CHR Extension: (Google 
Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-04] CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-04] CHR Extension: (Google-Suche) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-04] CHR Extension: (Norton Identity Protection) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-04] CHR Extension: (Google Wallet) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-04] CHR Extension: (Google Mail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-04] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-01] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink) R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink) R2 HoudiniLicenseServer; C:\WINDOWS\system32\sesinetd.exe [2613760 2014-01-10] (Side Effects Software Inc.) R2 HoudiniServer; C:\WINDOWS\system32\hserver.exe [2460160 2014-01-10] (Side Effects Software Inc.) R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.) 
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) R2 SESMPWD; C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE [155568 2012-11-16] (SEIKO EPSON CORPORATION) R2 SESMSDB; C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE [343472 2012-11-16] (SEIKO EPSON CORPORATION) R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-04] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.) 
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-03] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-03] (Symantec Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140303.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-04] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-30] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) S3 NAVENG; 
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140304.032\ENG64.SYS [126040 2014-02-26] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140304.032\EX64.SYS [2099288 2014-02-26] (Symantec Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-04] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-01-04] (Symantec Corporation) R3 SymIRON; 
C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64; C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys [61120 2014-04-24] (StdLib) S1 MpKsl9bbdc4c8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2A37FAD-C72B-4FE9-928D-CD8DAB99F952}\MpKsl9bbdc4c8.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-30 12:25 - 2014-04-30 12:25 - 00380416 _____ () C:\Users\******\Downloads\Gmer-19357.exe 2014-04-30 12:25 - 2014-04-30 12:25 - 00027306 _____ () C:\Users\*******\Downloads\FRST.txt 2014-04-30 12:24 - 2014-04-30 12:25 - 00000000 ___DC () C:\FRST 2014-04-30 12:24 - 2014-04-30 12:24 - 02061824 _____ (Farbar) C:\Users\******\Downloads\FRST64.exe 2014-04-30 12:23 - 2014-04-30 12:23 - 00050477 _____ () C:\Users\*******\Downloads\Defogger.exe 2014-04-30 12:23 - 2014-04-30 12:23 - 00000478 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-04-30 12:23 - 2014-04-30 12:23 - 00000000 _____ () C:\Users\*******\defogger_reenable 2014-04-30 11:01 - 2014-04-30 11:01 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\******\Downloads\SpyHunter-Installer.exe 2014-04-30 10:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-04-30 10:49 - 2014-04-30 10:49 - 00000000 ___DC () C:\AdwCleaner 2014-04-30 10:47 - 2014-04-30 10:47 - 01310621 _____ () C:\Users\*******\Downloads\adwcleaner.exe 2014-04-30 09:05 - 2014-04-30 10:38 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-04-30 09:04 - 2014-04-30 09:04 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-30 09:04 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-04-30 09:04 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-04-30 09:04 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-04-30 09:03 - 2014-04-30 09:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-29 19:03 - 2014-04-29 19:03 - 00000043 _____ () C:\Users\******\AppData\Roaming\WB.CFG 2014-04-29 18:58 - 2014-04-24 12:32 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys 2014-04-29 18:03 - 2014-04-30 11:03 - 00000334 _____ () C:\WINDOWS\Tasks\MySearchDial.job 2014-04-29 18:03 - 2014-04-29 18:04 - 24677393 _____ () C:\Users\*******\Downloads\vlc-2.1.3-win32 (1).exe 2014-04-29 18:03 - 2014-04-29 18:03 - 00002672 _____ () C:\WINDOWS\System32\Tasks\MySearchDial 2014-04-29 17:38 - 2014-04-29 17:39 - 00000000 ____D () 
C:\Users\*******\AppData\Roaming\vlc 2014-04-29 17:37 - 2014-04-29 17:37 - 00001085 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-29 17:37 - 2014-04-29 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-29 17:37 - 2014-04-29 17:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-29 17:34 - 2014-04-29 17:36 - 24677393 _____ () C:\Users\*******\Downloads\vlc-2.1.3-win32.exe 2014-04-29 17:33 - 2014-04-29 17:33 - 02090619 _____ () C:\Users\*******\Downloads\Nicht bestätigt 479646.crdownload 2014-04-29 17:24 - 2014-04-29 17:24 - 00001094 _____ () C:\Users\Public\Desktop\VideoConverter.lnk 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\Users\*******\AppData\Roaming\1H1Q 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoConverter 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\Program Files (x86)\VideoConverter 2014-04-29 11:56 - 2014-04-29 11:56 - 00000000 ____D () C:\Users\******\AppData\Local\Media Markt Fotoservice 2014-04-29 11:54 - 2014-04-29 11:54 - 00001115 _____ () C:\Users\Public\Desktop\Media Markt Fotoservice.lnk 2014-04-29 11:54 - 2014-04-29 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Markt Fotoservice 2014-04-29 11:53 - 2014-04-29 11:53 - 00000000 ____D () C:\ProgramData\Media Markt Fotoservice 2014-04-29 11:52 - 2014-04-29 11:56 - 00000000 ____D () C:\Program Files (x86)\Media Markt Fotoservice 2014-04-29 11:47 - 2014-04-29 11:51 - 132019488 _____ ( ) C:\Users\********\Downloads\MediaMarkt_Fotoservice.exe 2014-04-28 17:17 - 2014-04-28 17:20 - 00000000 ____D () C:\Users\********\Documents\Designer Files 2014-04-28 17:17 - 2014-04-28 17:17 - 00000000 ____D () C:\Users\******\AppData\Roaming\fotobuch.de AG 2014-04-28 17:17 - 2014-04-28 17:17 - 00000000 ____D () C:\ProgramData\fotobuch.de AG 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () 
C:\Users\*******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\Gast\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\*******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de 2014-04-28 17:08 - 2014-04-28 17:10 - 00000000 ____D () C:\Program Files (x86)\fotobuch.de 2014-04-28 17:08 - 2014-04-28 17:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\artworks 2014-04-28 17:02 - 2014-04-28 17:04 - 17609480 _____ (Fomanu AG ) C:\Users\******\Downloads\template_spirit_02.exe 2014-04-28 16:58 - 2014-04-28 17:04 - 202388600 _____ (Fomanu AG ) C:\Users\******\Downloads\designer_20.exe 2014-04-28 16:54 - 2014-04-28 16:54 - 00001264 _____ () C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk 2014-04-28 16:54 - 2014-04-28 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1 2014-04-28 16:54 - 2014-04-28 16:54 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 2014-04-28 16:54 - 2013-09-30 16:26 - 03050808 _____ () C:\WINDOWS\system32\pwNative.exe 2014-04-28 16:54 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys 2014-04-28 16:54 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys 2014-04-28 16:53 - 2014-04-28 16:54 - 20772800 _____ (MiniTool Solution Ltd. 
) C:\Users\******\Downloads\pwhe811.exe 2014-04-24 12:39 - 2014-04-24 12:39 - 00001287 _____ () C:\Users\******\Desktop\DSCF4937 - Verknüpfung.lnk 2014-04-18 15:33 - 2014-04-18 15:33 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Total Eclipse 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\******\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\*****\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\Gast\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\******\Desktop\Fashion Boutique spielen.lnk 2014-04-18 13:46 - 2014-04-18 15:32 - 00001081 _____ () C:\Users\*****\Desktop\Spielkiste.lnk 2014-04-18 13:46 - 2014-04-18 15:32 - 00001081 _____ () C:\Users\*****\Desktop\Spielkiste.lnk 2014-04-18 13:46 - 2014-04-18 15:32 - 00001081 _____ () C:\Users\Gast\Desktop\Spielkiste.lnk 2014-04-18 13:46 - 2014-04-18 15:32 - 00001081 _____ () C:\Users\******\Desktop\Spielkiste.lnk 2014-04-18 13:46 - 2014-04-18 15:32 - 00000000 ____D () C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Einfach Spielen 2014-04-18 13:46 - 2014-04-18 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einfach Spielen 2014-04-18 13:46 - 2014-04-18 15:32 - 00000000 ____D () C:\Program Files (x86)\Einfach_Spielen 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\*****\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\*****\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\Gast\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\******\Desktop\The Great Tree spielen.lnk 2014-04-13 14:54 - 2014-04-13 14:54 - 00000000 _____ () C:\Users\*****\AppData\Roaming\TS3Patch.lck 2014-04-13 14:53 - 2014-04-13 14:53 - 00000000 ____D () 
C:\Users\****\Documents\Electronic Arts 2014-04-13 14:25 - 2014-04-13 14:25 - 00018385 _____ () C:\Users\******\Desktop\Google-Ergebnis für http www.wandtattoo4all.de images articles c364eca7101b119a412c7539b5f70d7e_5.png.htm 2014-04-13 14:25 - 2014-04-13 14:25 - 00000000 ____D () C:\Users\******\Desktop\Google-Ergebnis für http www.wandtattoo4all.de images articles c364eca7101b119a412c7539b5f70d7e_5.png_files 2014-04-05 09:04 - 2014-04-05 09:04 - 00092672 ___SH () C:\Users\******\Downloads\Thumbs.db 2014-04-05 08:57 - 2014-04-06 22:41 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-298893599-2156876346-56307058-1006 2014-04-05 08:54 - 2014-04-06 11:20 - 00000000 ____D () C:\Users\******\AppData\Local\CrashDumps 2014-04-05 08:53 - 2014-04-06 10:52 - 00000000 __RDO () C:\Users\******\SkyDrive 2014-04-05 08:53 - 2014-04-05 08:53 - 00000000 ____D () C:\Users\*******\AppData\Local\Google 2014-04-05 08:52 - 2014-04-06 10:53 - 00000000 ____D () C:\Users\******\Documents\Youcam 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\Synaptics 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\*******\AppData\Roaming\simplitec 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\ATI 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\Wondershare 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\CyberLink 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\*******\AppData\Local\ATI 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\AMD 2014-04-05 08:50 - 2014-04-06 11:20 - 00000000 ____D () C:\Users\*******\AppData\Local\Packages 2014-04-05 08:50 - 2014-04-05 08:54 - 00002270 _____ () C:\Users\*******\Desktop\Google Chrome.lnk 2014-04-05 08:50 - 2014-04-05 08:50 - 00001453 _____ () C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Internet Explorer.lnk 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Roaming\Adobe 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\*******\AppData\Local\VirtualStore 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Local\Hewlett-Packard 2014-04-05 08:49 - 2014-04-05 08:53 - 00000000 ____D () C:\Users\***** 2014-04-05 08:49 - 2014-04-05 08:49 - 00000020 ___SH () C:\Users\*****\ntuser.ini 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\*****\Vorlagen 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\*****\Startmenü 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Eigene Dateien 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Druckumgebung 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Documents\Eigene Musik 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Documents\Eigene Bilder 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Local\Verlauf 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Local\Anwendungsdaten 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Anwendungsdaten 2014-04-05 08:49 - 2014-03-13 18:30 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\System Tools 2014-04-05 08:49 - 2014-01-04 19:16 - 00000000 ____D () C:\Users\******\Documents\hp.system.package.metadata 2014-04-05 08:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-05 08:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-04-05 08:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-03-31 06:46 - 2014-03-31 06:46 - 00000000 ____D () C:\Users\******\AppData\Local\Wondershare ==================== One Month Modified Files and Folders ======= 2014-04-30 12:25 - 2014-04-30 12:25 - 00380416 _____ () C:\Users\******\Downloads\Gmer-19357.exe 2014-04-30 12:25 - 2014-04-30 12:25 - 00027306 _____ () C:\Users\******\Downloads\FRST.txt 2014-04-30 12:25 - 2014-04-30 12:24 - 00000000 ___DC () C:\FRST 2014-04-30 12:24 - 2014-04-30 12:24 - 02061824 _____ (Farbar) C:\Users\******\Downloads\FRST64.exe 2014-04-30 12:23 - 2014-04-30 12:23 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-04-30 12:23 - 2014-04-30 12:23 - 00000478 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-04-30 12:23 - 2014-04-30 12:23 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-04-30 12:23 - 2014-01-04 19:11 - 00000000 ____D () C:\Users\****** 2014-04-30 12:21 - 2014-01-04 19:24 - 01547259 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-30 12:19 - 2014-01-12 15:37 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DF5DD767-92A8-444D-A483-EB1DC0AF79C8} 2014-04-30 12:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-04-30 11:08 - 2014-01-04 08:41 - 00001144 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-30 11:03 - 2014-04-29 18:03 - 00000334 _____ () C:\WINDOWS\Tasks\MySearchDial.job 2014-04-30 11:01 - 2014-04-30 11:01 - 00728960 _____ (Enigma 
Software Group USA, LLC.) C:\Users\******\Downloads\SpyHunter-Installer.exe 2014-04-30 10:49 - 2014-04-30 10:49 - 00000000 ___DC () C:\AdwCleaner 2014-04-30 10:47 - 2014-04-30 10:47 - 01310621 _____ () C:\Users\******\Downloads\adwcleaner.exe 2014-04-30 10:38 - 2014-04-30 09:05 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-04-30 10:28 - 2014-01-03 14:40 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-298893599-2156876346-56307058-1002 2014-04-30 10:09 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-04-30 10:09 - 2013-11-14 09:11 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat 2014-04-30 10:09 - 2013-11-14 09:11 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat 2014-04-30 10:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-04-30 10:05 - 2014-01-03 14:35 - 00000000 ____D () C:\Users\******\Documents\Youcam 2014-04-30 10:04 - 2014-01-07 22:22 - 00000000 __RDO () C:\Users\******\SkyDrive 2014-04-30 10:04 - 2014-01-04 08:41 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-30 10:03 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-04-30 10:03 - 2013-08-22 16:44 - 00493304 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-30 10:02 - 2013-11-14 00:18 - 00028344 _____ () C:\WINDOWS\PFRO.log 2014-04-30 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization 2014-04-30 10:02 - 2013-08-22 15:25 - 01835008 ___SH () C:\WINDOWS\system32\config\BBI 2014-04-30 10:02 - 2013-08-22 15:25 - 00000194 _____ () C:\WINDOWS\win.ini 2014-04-30 09:40 - 2014-03-23 13:55 - 00000000 ____D () C:\Users\******\AppData\Roaming\Systweak 2014-04-30 09:04 - 2014-04-30 09:04 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-30 09:04 - 2014-04-30 09:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-30 09:03 - 2014-04-30 09:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-30 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-04-29 19:48 - 2014-01-24 22:02 - 00450048 ___SH () C:\Users\******\Desktop\Thumbs.db 2014-04-29 19:03 - 2014-04-29 19:03 - 00000043 _____ () C:\Users\******\AppData\Roaming\WB.CFG 2014-04-29 18:04 - 2014-04-29 18:03 - 24677393 _____ () C:\Users\******\Downloads\vlc-2.1.3-win32 (1).exe 2014-04-29 18:03 - 2014-04-29 18:03 - 00002672 _____ () C:\WINDOWS\System32\Tasks\MySearchDial 2014-04-29 17:39 - 2014-04-29 17:38 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc 2014-04-29 17:37 - 2014-04-29 17:37 - 00001085 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-29 17:37 - 2014-04-29 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-29 17:37 - 2014-04-29 17:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-29 17:36 - 2014-04-29 17:34 - 24677393 _____ () C:\Users\******\Downloads\vlc-2.1.3-win32.exe 2014-04-29 17:33 - 2014-04-29 17:33 - 02090619 _____ () C:\Users\******\Downloads\Nicht bestätigt 479646.crdownload 2014-04-29 17:24 - 2014-04-29 17:24 - 00001094 _____ () C:\Users\Public\Desktop\VideoConverter.lnk 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\Users\******\AppData\Roaming\1H1Q 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoConverter 2014-04-29 17:24 - 2014-04-29 17:24 - 00000000 ____D () C:\Program Files (x86)\VideoConverter 2014-04-29 11:56 - 2014-04-29 11:56 - 00000000 ____D () C:\Users\******\AppData\Local\Media Markt Fotoservice 2014-04-29 11:56 - 2014-04-29 11:52 - 00000000 ____D () C:\Program Files 
(x86)\Media Markt Fotoservice 2014-04-29 11:56 - 2013-07-19 22:55 - 00409304 _____ () C:\WINDOWS\DirectX.log 2014-04-29 11:54 - 2014-04-29 11:54 - 00001115 _____ () C:\Users\Public\Desktop\Media Markt Fotoservice.lnk 2014-04-29 11:54 - 2014-04-29 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Markt Fotoservice 2014-04-29 11:53 - 2014-04-29 11:53 - 00000000 ____D () C:\ProgramData\Media Markt Fotoservice 2014-04-29 11:51 - 2014-04-29 11:47 - 132019488 _____ ( ) C:\Users\******\Downloads\MediaMarkt_Fotoservice.exe 2014-04-28 17:20 - 2014-04-28 17:17 - 00000000 ____D () C:\Users\******\Documents\Designer Files 2014-04-28 17:17 - 2014-04-28 17:17 - 00000000 ____D () C:\Users\******\AppData\Roaming\fotobuch.de AG 2014-04-28 17:17 - 2014-04-28 17:17 - 00000000 ____D () C:\ProgramData\fotobuch.de AG 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00002094 _____ () C:\Users\******\Desktop\Designer 2.0.lnk 2014-04-28 17:12 - 2014-04-28 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de 2014-04-28 17:10 - 2014-04-28 17:08 - 00000000 ____D () C:\Program Files (x86)\fotobuch.de 2014-04-28 17:08 - 2014-04-28 17:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\artworks 2014-04-28 17:04 - 2014-04-28 17:02 - 17609480 _____ (Fomanu AG ) C:\Users\******\Downloads\template_spirit_02.exe 2014-04-28 17:04 - 2014-04-28 16:58 - 202388600 _____ (Fomanu AG ) C:\Users\******\Downloads\designer_20.exe 2014-04-28 16:54 - 2014-04-28 16:54 - 00001264 _____ () C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk 2014-04-28 16:54 - 2014-04-28 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool 
Partition Wizard Home Edition 8.1.1 2014-04-28 16:54 - 2014-04-28 16:54 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 2014-04-28 16:54 - 2014-04-28 16:53 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\******\Downloads\pwhe811.exe 2014-04-28 16:42 - 2013-07-19 23:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-28 15:59 - 2013-11-12 12:31 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-04-28 15:45 - 2013-07-19 22:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2014-04-28 15:43 - 2014-03-07 00:36 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo 2014-04-28 15:43 - 2014-03-07 00:36 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2014-04-27 00:16 - 2014-03-19 18:32 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3B319A45-4A65-42F4-A293-DCA0B531A2B2} 2014-04-26 20:40 - 2014-03-06 11:06 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-298893599-2156876346-56307058-1005 2014-04-26 18:45 - 2014-03-06 11:08 - 00000000 ____D () C:\Users\******\AppData\Local\CrashDumps 2014-04-26 18:44 - 2014-01-03 16:36 - 00000000 ____D () C:\Users\******\AppData\Local\CrashDumps 2014-04-26 10:35 - 2014-03-06 11:02 - 00000000 ____D () C:\Users\******\Documents\Youcam 2014-04-26 10:34 - 2014-03-06 11:02 - 00000000 __RDO () C:\Users\******\SkyDrive 2014-04-24 12:39 - 2014-04-24 12:39 - 00001287 _____ () C:\Users\******\Desktop\DSCF4937 - Verknüpfung.lnk 2014-04-24 12:32 - 2014-04-29 18:58 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys 2014-04-21 17:12 - 2013-08-22 16:46 - 00315466 _____ () C:\WINDOWS\setupact.log 2014-04-18 15:33 - 2014-04-18 15:33 - 00000000 ____D () C:\Users\******\AppData\Roaming\Total Eclipse 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () 
C:\Users\******\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\******\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\Gast\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 15:32 - 00002237 _____ () C:\Users\******\Desktop\Fashion Boutique spielen.lnk 2014-04-18 15:32 - 2014-04-18 13:46 - 00001081 _____ () C:\Users\******\Desktop\Spielkiste.lnk 2014-04-18 15:32 - 2014-04-18 13:46 - 00001081 _____ () C:\Users\******\Desktop\Spielkiste.lnk 2014-04-18 15:32 - 2014-04-18 13:46 - 00001081 _____ () C:\Users\Gast\Desktop\Spielkiste.lnk 2014-04-18 15:32 - 2014-04-18 13:46 - 00001081 _____ () C:\Users\******\Desktop\Spielkiste.lnk 2014-04-18 15:32 - 2014-04-18 13:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Einfach Spielen 2014-04-18 15:32 - 2014-04-18 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einfach Spielen 2014-04-18 15:32 - 2014-04-18 13:46 - 00000000 ____D () C:\Program Files (x86)\Einfach_Spielen 2014-04-18 13:47 - 2014-01-03 14:31 - 00000000 ____D () C:\Users\******\AppData\Local\VirtualStore 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\******\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\******\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\Gast\Desktop\The Great Tree spielen.lnk 2014-04-18 13:46 - 2014-04-18 13:46 - 00002198 _____ () C:\Users\******\Desktop\The Great Tree spielen.lnk 2014-04-13 14:54 - 2014-04-13 14:54 - 00000000 _____ () C:\Users\******\AppData\Roaming\TS3Patch.lck 2014-04-13 14:53 - 2014-04-13 14:53 - 00000000 ____D () C:\Users\******\Documents\Electronic Arts 2014-04-13 14:25 - 2014-04-13 14:25 - 00018385 _____ () C:\Users\******\Desktop\Google-Ergebnis für http www.wandtattoo4all.de images articles 
c364eca7101b119a412c7539b5f70d7e_5.png.htm 2014-04-13 14:25 - 2014-04-13 14:25 - 00000000 ____D () C:\Users\******\Desktop\Google-Ergebnis für http www.wandtattoo4all.de images articles c364eca7101b119a412c7539b5f70d7e_5.png_files 2014-04-09 12:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-04-06 22:41 - 2014-04-05 08:57 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-298893599-2156876346-56307058-1006 2014-04-06 12:30 - 2014-03-06 11:00 - 00000000 ____D () C:\Users\******\AppData\Local\Packages 2014-04-06 11:20 - 2014-04-05 08:54 - 00000000 ____D () C:\Users\******\AppData\Local\CrashDumps 2014-04-06 11:20 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Local\Packages 2014-04-06 10:53 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\Documents\Youcam 2014-04-06 10:52 - 2014-04-05 08:53 - 00000000 __RDO () C:\Users\******\SkyDrive 2014-04-05 09:04 - 2014-04-05 09:04 - 00092672 ___SH () C:\Users\******\Downloads\Thumbs.db 2014-04-05 08:54 - 2014-04-05 08:50 - 00002270 _____ () C:\Users\******\Desktop\Google Chrome.lnk 2014-04-05 08:53 - 2014-04-05 08:53 - 00000000 ____D () C:\Users\******\AppData\Local\Google 2014-04-05 08:53 - 2014-04-05 08:49 - 00000000 ____D () C:\Users\****** 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\Synaptics 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\simplitec 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\ATI 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\Wondershare 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\CyberLink 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\ATI 2014-04-05 08:52 - 2014-04-05 08:52 - 00000000 ____D () C:\Users\******\AppData\Local\AMD 2014-04-05 08:52 - 2014-01-04 20:03 - 00000000 ____D () 
C:\WINDOWS\System32\Tasks\WPD 2014-04-05 08:50 - 2014-04-05 08:50 - 00001453 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Roaming\Adobe 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Local\VirtualStore 2014-04-05 08:50 - 2014-04-05 08:50 - 00000000 ____D () C:\Users\******\AppData\Local\Hewlett-Packard 2014-04-05 08:49 - 2014-04-05 08:49 - 00000020 ___SH () C:\Users\******\ntuser.ini 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Vorlagen 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Startmenü 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Netzwerkumgebung 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Lokale Einstellungen 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Eigene Dateien 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Druckumgebung 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Documents\Eigene Musik 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Documents\Eigene Bilder 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Local\Verlauf 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\AppData\Local\Anwendungsdaten 2014-04-05 08:49 - 2014-04-05 08:49 - 00000000 _SHDL () C:\Users\******\Anwendungsdaten 2014-04-04 19:45 - 2014-01-03 14:31 - 
00000000 ____D () C:\Users\******\AppData\Local\Packages 2014-04-03 09:51 - 2014-04-30 09:04 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-30 09:04 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-30 09:04 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-04-01 19:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing 2014-03-31 06:46 - 2014-03-31 06:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Wondershare 2014-03-31 06:45 - 2014-03-12 10:44 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-31 06:45 - 2014-03-12 10:44 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools Some content of TEMP: ==================== C:\Users\******\AppData\Local\Temp\AutoRun.exe C:\Users\******\AppData\Local\Temp\AutoRunGUI.dll C:\Users\******\AppData\Local\Temp\card_setup.exe C:\Users\******\AppData\Local\Temp\COMAP.EXE C:\Users\******\AppData\Local\Temp\drm_dyndata_7350007.dll C:\Users\******\AppData\Local\Temp\EAInstall.dll C:\Users\******\AppData\Local\Temp\eauninstall.exe C:\Users\******\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\******\AppData\Local\Temp\INST011.dll C:\Users\******\AppData\Local\Temp\Quarantine.exe C:\Users\******\AppData\Local\Temp\SHSetup.exe C:\Users\******\AppData\Local\Temp\SimsCS_Uninst.exe C:\Users\******\AppData\Local\Temp\The Sims Castaway Stories_uninst.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit 
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-25 09:34

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by ****** at 2014-04-30 12:27:25
Running from C:\Users\******\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alamandi (HKLM-x32\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH)
Alice im Wunderland (HKLM-x32\...\Alice im Wunderland) (Version: 1.0.0.0 - INTENIUM GmbH)
AMD Accelerated Video Transcoding (Version: 12.10.100.30416 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{DEC772E6-D0C7-9964-5D30-DEC57EF1B26F}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0416.2338.40605 - Ihr Firmenname) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0416.2338.40605 - Ihr Firmenname) Hidden
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Ashampoo Slideshow Studio 2013 v.1.0.2 (HKLM-x32\...\{91B33C97-34D2-9841-084D-BE4849F6A38F}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co.
KG) Bengal Special (HKLM-x32\...\Bengal Special) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{3091A8EB-386B-46D7-8E19-4139424261DD}) (Version: 1.24.0 - Kovid Goyal) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Norwegian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden Context Free (HKCU\...\{DD0B06AD-5E55-41be-88E5-E9D13BAF06F4}) (Version: - ) Corel Painter Photo Essentials 4 (HKLM-x32\...\_{707EB912-C597-49D8-9460-46CC9AB03EBE}) (Version: - Corel Corporation) Corel Painter Photo Essentials 4 (x32 Version: 4.1 - Corel Corporation) Hidden Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation) Corel PaintShop Pro X6 (x32 Version: 16.2.0.20 - Corel Corporation) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.) CyberLink Media Suite 10 (x32 Version: 10.0.4.2928 - CyberLink Corp.) Hidden Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.) Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3026 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.4.3026 - CyberLink Corp.) 
Hidden CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3024 - CyberLink Corp.) CyberLink PowerDVD 12 (x32 Version: 12.0.1.3024 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.2922 - CyberLink Corp.) CyberLink YouCam (x32 Version: 5.0.1.2922 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Das große Franzis HDR-Paket (HKLM-x32\...\Das große Franzis HDR-Paket_is1) (Version: - ) Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.6 - Fomanu AG) Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.45 - INTENIUM GmbH) Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta (HKLM-x32\...\{65761BAE-11E8-48FE-B30F-1F01011AB906}) (Version: 1.19.6 - Electronic Arts) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts) Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Erstelle ein Muster-Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts) Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts) Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 
6.0.81 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts) Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) Die Wiege Roms (HKLM-x32\...\Die Wiege Roms) (Version: - ) DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) EPSON Printer Software (HKLM-x32\...\{7612D261-8150-4B33-ADEE-3D3C086F0815}) (Version: 1.000.00.00 - EPSON) Filters Unlimited 2.0 Demo (HKLM-x32\...\Filters Unlimited Demo_is1) (Version: - ) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free-Jahreskalender 2014 (HKLM-x32\...\{91C15625-F1F9-4268-921D-F6024BFD7526}) (Version: 10.00.2014 - OW-SOFT) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) 
Hidden Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version: - The Plugin Site) HDR Darkroom 6 Windows Version v1.0.0 (HKLM-x32\...\HDR Darkroom 6) (Version: Windows Version v1.0.0 - HengTu, Inc.) Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Houdini 13.0.288 (HKLM\...\Houdini 13.0.288) (Version: 13.0.288 - Side Effects Software) HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Ihr Firmenname) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 77) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (HKLM-x32\...\{61245005-66F1-4001-AEE8-2E2D36F65C28}) (Version: 1.1.0.0 - Hewlett-Packard) HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Recovery Manager (x32 Version: 11.00 - Hewlett-Packard) Hidden HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{1C5BBAD8-4079-4014-8803-751333FBC112}) (Version: 1.0.8 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company) ICA (x32 Version: 16.1.0.48 - Corel Corporation) Hidden Image Inc. 
1.2 (HKLM-x32\...\{A3E28CE6-970F-4DF7-9013-1DDEA2B829A3}_is1) (Version: - Cybia) Incomedia WebSite X5 v10 - Home (HKLM-x32\...\{22B260EE-79AD-4F4C-9E06-349E8F1D958C}_is1) (Version: 10.1.0.39 - Incomedia s.r.l.) IPM_PSP_COM (x32 Version: 16.1.0.48 - Corel Corporation) Hidden IPM_PSP_COM64 (Version: 16.1.0.48 - Corel Corporation) Hidden Jodie Drake and the World in Peril (HKLM-x32\...\Jodie Drake and the World in Peril) (Version: 1.0.0.0 - INTENIUM GmbH) MAGIX Web Designer 7 (HKLM-x32\...\MX.{EE8462F7-1BC5-4DC3-9FAD-F38572A030D7}) (Version: 7.1.2.26041 - MAGIX AG) MAGIX Web Designer 7 (Version: 7.1.2.26041 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) Media Markt Fotoservice 5.2 (HKLM-x32\...\Media Markt Fotoservice_is1) (Version: - ) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation) Microsoft Expression Web 4 (x32 Version: 4.0.1460.0 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) 
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz) OEM Application Profile (HKLM-x32\...\{548083DD-D99B-2CE1-8D2B-D78BEB834F7A}) (Version: 1.00.0000 - Ihr Firmenname) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) 
Philips Phone Manager (HKLM-x32\...\{A1251409-ABB0-4D7F-888C-9180AD1BA982}) (Version: 2.0.8.1 - Philips) Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PSPPContent (x32 Version: 16.1.0.48 - Corel Corporation) Hidden PSPPHelp (x32 Version: 16.1.0.48 - Corel Corporation) Hidden PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden Puntsch Zitatenhandbuch 2.0 (HKLM-x32\...\InstallShield_{F5BFDD52-230F-4A94-B302-19606FBD9266}) (Version: 1.00.0000 - USM) Puntsch Zitatenhandbuch 2.0 (x32 Version: 1.00.0000 - USM) Hidden Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.29060 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6950 - Realtek Semiconductor Corp.) 
Royal Trouble (HKLM-x32\...\Royal Trouble) (Version: 1.0.0.0 - INTENIUM GmbH) Setup (x32 Version: 16.1.0.48 - Ihr Firmenname) Hidden SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts) simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH) SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.5.1 - Synaptics Incorporated) TSR Workshop (HKLM-x32\...\{33100EE2-5EDF-4AB1-BF08-D767E3AED642}) (Version: 2.0.86 - The Sims Resource) Video Converter Packages (HKCU\...\Video Converter Packages) (Version: - ) <==== ATTENTION VideoConverter (HKLM-x32\...\VideoConverter) (Version: ${VERSION} - ) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows-Treiberpaket - Koninklijke Philips Electronics N.V. 
(usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\119046B6D39BBB85A700BB4D451858A003C331AC) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.) Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\4D59E7849DD13622C7CD9736C3BC8D67F8FF1F23) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.) Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\768E87C91FF81FF582D166E1AC9D74633D9B741D) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.) Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\C24BC9096B2E5D1847B32CB5C18C05C9AA99B843) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.) Wondershare Fantashow(Build 2.0.1) (HKLM-x32\...\Wondershare Fantashow_is1) (Version: - Wondershare Software) Wondershare Photo Collage Studio 2012 4.2.18.6 (HKLM-x32\...\Wondershare Photo Collage Studio 2012_is1) (Version: 4.2.18.6 - Wondershare Software Co.,Ltd.) 
World Riddles: Secrets of the Ages (HKLM-x32\...\World Riddles: Secrets of the Ages) (Version: 1.0.0.0 - INTENIUM GmbH) ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation) ==================== Restore Points ========================= 29-04-2014 05:24:41 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {07D746C3-A2E1-4C84-A781-BD7E7359BCE0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {16B3FA43-0DD0-489A-9A5D-B7FCE447ADAC} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {29DC9819-A41F-4DC5-A348-4A63B3C50857} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.) 
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3975E89E-46DC-4EA2-9A90-2525B4D1D501} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {467E4789-B5B8-4938-9744-4E9A294BE58E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {72DDAE12-A529-49E2-8187-529DD1075BF6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - 
System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8D4D0A84-9B65-47E3-A7B5-7EE4B41BF4D7} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.) Task: {93D74E58-418F-430E-AC2B-222F8E5C0DD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.) Task: {9A33A0B4-C062-498B-8D2A-AA1E71F9D4EC} - System32\Tasks\MySearchDial => C:\Users\Nathalie\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {B7BA32B6-592F-44DD-BFD6-D1639FA3567E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D7D6BCFB-56FD-4C9A-A18C-01D17D81B90F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E6D55A35-11A1-4D66-B155-BB119E17FEDB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet 
Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\******\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-17 00:50 - 2013-04-17 00:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-04-12 21:53 - 2014-04-12 21:53 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\ErrorReporting.dll 2013-04-17 00:50 - 2013-04-17 00:50 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-04-30 10:47 - 2014-04-30 10:47 - 01310621 _____ () C:\Users\******\Downloads\adwcleaner.exe 2014-04-30 12:23 - 2014-04-30 12:23 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2013-11-12 12:40 - 2013-03-12 16:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-12 23:53 - 2013-03-12 23:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-01-04 08:48 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll 2014-04-28 23:13 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll 2014-04-28 23:13 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll 2014-04-28 23:13 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll 2014-04-28 23:13 - 2014-04-24 
02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll 2014-04-28 23:13 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll 2014-04-28 23:13 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:054B9966 AlternateDataStreams: C:\Users\******\SkyDrive:ms-properties AlternateDataStreams: C:\Users\******\SkyDrive:ms-properties AlternateDataStreams: C:\Users\******\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3109 Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3109 Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1531 Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1531 Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1531 Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service) (User: ) 
Description: Task Scheduling Error: m->NextScheduledEvent 1531 Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2014 06:53:12 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 22185297 System errors: ============= Error: (04/30/2014 11:12:19 AM) (Source: Service Control Manager) (User: ) Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/30/2014 10:03:57 AM) (Source: bowser) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "******LAPTOP" auf Transport "NetBT_Tcpip_{436D2B84-2B2F-4DA7-AA13-0F9A971320E6}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. Error: (04/30/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (04/30/2014 09:49:48 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 09:49:18 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 09:40:28 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 08:40:22 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 08:39:52 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 08:01:45 AM) (Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/30/2014 08:01:15 AM) 
(Source: DCOM) (User: ******LAPTOP) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Microsoft Office Sessions: ========================= Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3109 Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3109 Error: (04/30/2014 11:12:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1531 Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1531 Error: (04/30/2014 11:12:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1531 Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1531 Error: (04/29/2014 02:40:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2014 06:53:12 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 22185297 ==================== Memory info =========================== Percentage of memory in use: 23% Total physical RAM: 11462.25 MB Available physical RAM: 8739.14 MB Total Pagefile: 13190.25 MB Available Pagefile: 10105.13 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:490.87 GB) (Free:389.33 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:18.39 GB) 
(Free:1.82 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (Volume) (Fixed) (Total:421.13 GB) (Free:374.19 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 6AE15402) Partition: GPT Partition Type. ==================== End Of Log ============================ |