|
Pests of all kinds and how to fight them: search.fbdownloader.com/?channel=de Windows 7 If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection. |
21.07.2014, 06:42 | #1 |
| search.fbdownloader.com/?channel=de This morning, instead of my usual start window, a page unknown to me was open on my laptop. It looks like a badly made Google knockoff. I have read that the same Trojan/virus has already been dealt with here in the forum. My system runs on Windows 8. The laptop is a PC used for business, but I can only dream of an IT department ..., it would be nice if you would help me anyway. There are only two of us in the company. If you don't want to or can't take this on, I would be grateful for a tip. At the moment I'm pretty much on the ropes, since I urgently need my laptop this week and am therefore stuck for now. Many thanks in advance, Susanne |
21.07.2014, 07:29 | #2 |
/// the machine /// TB trainer | search.fbdownloader.com/?channel=de hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
21.07.2014, 08:56 | #3 |
| search.fbdownloader.com/?channel=de Unfortunately my PC does not allow it to be opened. Probably my Norton. How can I change that?
PS Thanks for the quick reply
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014 Ran by Susanne (administrator) on IMPERIUM13 on 21-07-2014 09:13:43 Running from C:\Users\Susanne\Desktop Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\UPS\WSTD\WSDB\MSSQL10.UPSWSDBINSTANCE\MSSQL\Binn\sqlservr.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\Program Files (x86)\XSManager\WTGService.exe (4G Systems GmbH & Co. 
KG) C:\Windows\service4g.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe () C:\Program Files (x86)\FJ Camera\Monitor.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe (Ipswitch) C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [FJ Camera_Monitor] => 
C:\Program Files (x86)\FJ Camera\monitor.exe [303480 2012-08-16] () HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.) HKLM-x32\...\Run: [Samsung PanelMgr] => C:\windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-09-18] () HKLM-x32\...\Run: [starter4g] => C:\windows\starter4g.exe [157968 2009-09-17] (4G Systems GmbH & Co. KG) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [107816 2011-10-28] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [489584 2012-05-21] (CyberLink Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4075644507-2284367869-3100393505-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1702000 2012-05-21] (CyberLink Corp.) HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) 
HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [SSync] => C:\Users\Susanne\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] () HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [SCheck] => C:\Users\Susanne\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] () HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [Snoozer] => C:\Users\Susanne\AppData\Roaming\Snz\Snz.exe [1628641 2014-07-19] () HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [DataMgr] => C:\Users\Susanne\AppData\Roaming\DataMgr\DataMgr.exe [168824 2014-01-23] (HTTO Group, Ltd.) HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [Intermediate] => C:\Users\Susanne\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] () HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\Run: [Sixth] => C:\Users\Susanne\AppData\Roaming\Sixth\Sixth.exe [63625 2014-07-19] () HKU\S-1-5-21-4075644507-2284367869-3100393505-1002\...\MountPoints2: {e79264b7-b059-11e3-bf26-c01885b22249} - "E:\Setup.exe" AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation) AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) 
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 2620 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 2620 series.lnk -> C:\Program Files\HP\HP Officejet 2620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://wisersearch.com/?channel=de SearchScopes: HKLM - DefaultScope {64708BBC-C61F-4F74-8898-45F35A2CF11A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS SearchScopes: HKLM - {64708BBC-C61F-4F74-8898-45F35A2CF11A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS SearchScopes: HKLM-x32 - DefaultScope {64708BBC-C61F-4F74-8898-45F35A2CF11A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS SearchScopes: HKLM-x32 - {64708BBC-C61F-4F74-8898-45F35A2CF11A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://wisersearch.com/search.php?channel=de&q={searchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP5198EA72-DBAE-4DF2-8361-4B8A4AB9160C&q={searchTerms}&SSPV=2101B_sp_ie SearchScopes: HKCU - {64708BBC-C61F-4F74-8898-45F35A2CF11A} URL = SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = 
hxxp://wisersearch.com/search.php?channel=de&q={searchTerms} BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Simple New Tab Bho -> {5C2DD58F-613F-4580-8AC0-F10D760AF938} -> C:\Users\Susanne\AppData\Local\simple_new_tab\simple_new_tab.dll (Temp Company Ltd) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: OfferMosquito -> {82B16A3D-F03E-4565-A532-666B219C9A53} -> C:\Users\Susanne\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll No File BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.) 
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 FireFox: ======== FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default FF DefaultSearchEngine: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://wisersearch.com/?channel=de FF Keyword.URL: hxxp://wisersearch.com/search.php?channel=de&q= FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater 
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Susanne\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default\searchplugins\conduit-search.xml FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default\searchplugins\search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-02-13] FF Extension: OfferMosquito - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default\Extensions\om@offermosquito.com.xpi [2014-02-28] FF Extension: Simple New Tab - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\bhu502h3.default\Extensions\snt@dotlabs.co.xpi [2013-12-16] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-21] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-18] FF 
HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [80752 2012-07-18] (FUJITSU LIMITED) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) 
R2 MSSQL$UPSWSDBINSTANCE; C:\UPS\WSTD\WSDB\MSSQL10.UPSWSDBINSTANCE\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] () R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation) R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2012-07-11] (FUJITSU LIMITED) [File not signed] R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608 2012-08-07] (FUJITSU LIMITED) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () S4 SQLAgent$UPSWSDBINSTANCE; C:\UPS\WSTD\WSDB\MSSQL10.UPSWSDBINSTANCE\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [312784 2009-09-25] () R2 XS Stick Service; C:\windows\service4g.exe [125200 2009-09-17] (4G Systems GmbH & Co. KG) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.) 
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [53816 2009-03-24] (Samsung Electronics Co., Ltd.) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation) R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED) R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED) R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED) R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-27] (Symantec Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\ENG64.SYS [126040 2014-07-11] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\EX64.SYS [2099288 2014-07-11] (Symantec Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys 
[41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058296 2012-08-14] (Sunplus) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-09-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation) R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-21 09:13 - 2014-07-21 09:13 - 00024806 _____ () C:\Users\Susanne\Desktop\FRST.txt 2014-07-21 09:13 - 2014-07-21 09:13 - 00000000 ____D () C:\FRST 2014-07-21 09:00 - 2014-07-21 09:00 - 02089984 _____ (Farbar) C:\Users\Susanne\Desktop\FRST64.exe 2014-07-21 09:00 - 2014-07-21 09:00 - 01080320 _____ (Farbar) C:\Users\Susanne\Desktop\FRST.exe 2014-07-21 07:01 - 2014-07-21 07:01 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Snz 2014-07-21 07:01 - 2014-07-21 07:01 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Sixth 2014-07-16 18:48 - 2014-07-21 09:10 - 00003946 _____ () 
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FFBF4AA3-1D60-4AB0-8EE4-9E81C9CE6C5C} 2014-07-16 18:48 - 2014-07-16 18:48 - 00000000 __SHD () C:\Users\Susanne\AppData\Local\EmieUserList 2014-07-16 18:48 - 2014-07-16 18:48 - 00000000 __SHD () C:\Users\Susanne\AppData\Local\EmieSiteList 2014-07-14 20:38 - 2014-07-14 20:38 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security 2014-07-14 14:02 - 2014-07-14 14:03 - 00000013 _____ () C:\WINDOWS\SysWOW64\WinSys32.crc 2014-07-14 14:02 - 2014-07-14 14:02 - 00000947 _____ () C:\Users\Susanne\Desktop\CoffeeCup HTML Editor.lnk 2014-07-14 14:02 - 2014-07-14 14:02 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software 2014-07-10 23:16 - 2014-07-20 14:02 - 00105472 ___SH () C:\Users\Susanne\Thumbs.db 2014-07-09 13:17 - 2014-07-09 13:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 13:17 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 12:11 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-09 12:11 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-09 12:11 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-09 12:11 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-09 12:11 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-09 12:11 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-09 12:11 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-09 12:11 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-09 12:11 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\certcli.dll 2014-07-09 12:11 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-09 12:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-09 12:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-09 12:10 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-09 12:10 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 12:10 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-09 12:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-09 12:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-09 12:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-09 12:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-09 12:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-09 12:09 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 12:09 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 12:09 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-09 12:09 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-09 12:09 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 12:09 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-09 12:09 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 
2014-07-09 12:09 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 12:09 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 12:09 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 12:09 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 12:09 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 12:09 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 12:09 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 12:09 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 12:09 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 12:09 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 12:09 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 12:09 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 12:09 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 12:09 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 12:09 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 12:09 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 12:09 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 12:09 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 12:09 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 12:09 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 12:09 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 12:09 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 12:09 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 12:09 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 12:09 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 12:09 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 12:09 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 12:09 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 12:09 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 12:09 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 12:08 - 2014-07-09 12:08 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-30 16:40 - 2014-06-30 16:40 - 00003510 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dontwant@outlook.de
2014-06-24 09:40 - 2014-07-21 07:07 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-07-21 09:13 - 2014-07-21 09:13 - 00024806 _____ () C:\Users\Susanne\Desktop\FRST.txt
2014-07-21 09:13 - 2014-07-21 09:13 - 00000000 ____D () C:\FRST
2014-07-21 09:10 - 2014-07-16 18:48 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FFBF4AA3-1D60-4AB0-8EE4-9E81C9CE6C5C}
2014-07-21 09:00 - 2014-07-21 09:00 - 02089984 _____ (Farbar) C:\Users\Susanne\Desktop\FRST64.exe
2014-07-21 09:00 - 2014-07-21 09:00 - 01080320 _____ (Farbar) C:\Users\Susanne\Desktop\FRST.exe
2014-07-21 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-21 08:53 - 2014-02-18 10:27 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 08:18 - 2013-02-01 17:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-21 07:20 - 2014-03-18 12:03 - 01961008 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-21 07:20 - 2014-03-18 11:25 - 00830894 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-21 07:20 - 2014-03-18 11:25 - 00184168 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-21 07:15 - 2014-05-16 20:15 - 00000000 __RDO () C:\Users\Susanne\OneDrive
2014-07-21 07:15 - 2014-02-18 10:27 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 07:15 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-21 07:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-21 07:15 - 2012-12-05 13:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-21 07:14 - 2014-05-16 19:53 - 02003968 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-21 07:07 - 2014-06-24 09:40 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe
2014-07-21 07:01 - 2014-07-21 07:01 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Snz
2014-07-21 07:01 - 2014-07-21 07:01 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Sixth
2014-07-21 07:01 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\DataMgr
2014-07-20 19:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-20 14:02 - 2014-07-10 23:16 - 00105472 ___SH () C:\Users\Susanne\Thumbs.db
2014-07-20 10:51 - 2014-05-16 19:55 - 00000000 ____D () C:\Users\Susanne
2014-07-19 11:58 - 2013-01-30 14:29 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4075644507-2284367869-3100393505-1002
2014-07-17 10:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-16 18:48 - 2014-07-16 18:48 - 00000000 __SHD () C:\Users\Susanne\AppData\Local\EmieUserList
2014-07-16 18:48 - 2014-07-16 18:48 - 00000000 __SHD () C:\Users\Susanne\AppData\Local\EmieSiteList
2014-07-16 12:55 - 2013-08-22 16:46 - 00337387 _____ () C:\WINDOWS\setupact.log
2014-07-16 09:45 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-15 19:03 - 2013-10-20 13:24 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Skype
2014-07-14 20:38 - 2014-07-14 20:38 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-14 20:38 - 2013-11-18 10:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-14 20:38 - 2012-09-25 22:43 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-14 20:38 - 2012-09-25 22:43 - 00002528 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-14 20:38 - 2012-09-25 22:43 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-07-14 14:03 - 2014-07-14 14:02 - 00000013 _____ () C:\WINDOWS\SysWOW64\WinSys32.crc
2014-07-14 14:02 - 2014-07-14 14:02 - 00000947 _____ () C:\Users\Susanne\Desktop\CoffeeCup HTML Editor.lnk
2014-07-14 14:02 - 2014-07-14 14:02 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
2014-07-14 14:02 - 2013-02-20 15:13 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\CoffeeCup Software
2014-07-13 14:07 - 2013-02-01 14:18 - 00000000 ____D () C:\Users\Susanne\AppData\Local\CrashDumps
2014-07-12 18:17 - 2014-06-17 19:22 - 00000000 ____D () C:\Users\Susanne\Desktop\facebook_anna
2014-07-11 12:05 - 2014-06-03 19:02 - 00036352 ___SH () C:\Users\Susanne\Desktop\Thumbs.db
2014-07-11 07:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-11 07:16 - 2013-08-22 16:44 - 02062560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 23:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 23:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 23:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 23:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 13:22 - 2013-01-30 14:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 13:22 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 13:21 - 2013-07-24 22:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 13:19 - 2013-02-01 12:12 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 13:17 - 2014-07-09 13:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 13:17 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:08 - 2014-07-09 12:08 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 19:18 - 2013-02-01 17:40 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-01 00:45 - 2014-07-09 12:09 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-30 16:40 - 2014-06-30 16:40 - 00003510 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dontwant@outlook.de
2014-06-28 09:48 - 2014-07-09 12:09 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-09 12:09 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-24 11:09 - 2014-01-13 13:54 - 00001456 _____ () C:\Users\Susanne\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-06-22 23:48 - 2014-02-18 10:27 - 00004112 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 23:48 - 2014-02-18 10:27 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-21 07:52

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by Susanne at 2014-07-21 09:14:20
Running from C:\Users\Susanne\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Art Effects for PDR10 (HKLM-x32\...\NewBlue Art Effects for PDR10) (Version: 2.0 - NewBlue)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
CoffeeCup HTML Editor (HKCU\...\CoffeeCup HTML Editor) (Version: - )
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2014 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3207_45088 - CyberLink Corp.) Hidden
CyberLink MediaShow 6 (x32 Version: 6.0.4312 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1721 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.0.2013 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1930 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
DeskUpdate 4.13 (HKLM-x32\...\DeskUpdate_is1) (Version: 4.13.0114 - Fujitsu Technology Solutions)
Diamond Design 1.0 (HKLM-x32\...\{48C5C12E-71EA-420A-B060-5C7C931C58AD}) (Version: 1.0.1 - The Ribbon Printing Co Europe)
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.9.7 - SunplusIT)
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.0.0 - FUJITSU LIMITED)
Fujitsu BIOS Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.5.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.5.0.0 - FUJITSU LIMITED) Hidden
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome Frame (HKLM-x32\...\{8618AE04-1210-3C32-A8C3-45A5E44CD340}) (Version: 65.169.107 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet 2620 series Hilfe (HKLM-x32\...\{B356F70C-F1AD-4B24-B2DD-6EAABFCB1B33}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.4 - Ipswitch)
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.5.0.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.5.0.0 - FUJITSU LIMITED) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (Version: 8.05.2309 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
NVIDIA 3D Vision Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 7.0.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 7.0.001 - FUJITSU LIMITED) Hidden
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{E50AF275-8A41-4FCF-847B-D6E60018F388}) (Version: 33.01.00.000 - FUJITSU LIMITED)
Power Saving Utility (Version: 33.01.00.000 - FUJITSU LIMITED) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6714 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Samsung ML-4050 Series (HKLM-x32\...\Samsung ML-4050 Series) (Version: - Samsung Electronics CO.,LTD)
Scribus 1.4.4 (HKLM-x32\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Studie zur Verbesserung von HP Officejet 2620 series (HKLM\...\{407227F6-376E-493E-A738-836078ABB007}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
UPSVC2008MM (x32 Version: 1.00.0000 - UPS) Hidden
UPSVCMM (x32 Version: 12.00.0000 - UPS) Hidden
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2100 - Broadcom Corporation)
Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System (06/09/2012 1.23) (HKLM\...\7D737DCFBBA92B6A4335FA93E0B846D9D2DE908E) (Version: 06/09/2012 1.23 - FUJITSU LIMITED)
Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System (06/22/2012 1.30.0.0) (HKLM\...\3DCA6835C7741E181396F76FD94C05C19F4124A9) (Version: 06/22/2012 1.30.0.0 - FUJITSU LIMITED)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.0.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (Version: 1.0.0.0 - FUJITSU LIMITED) Hidden
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points =========================

05-07-2014 07:35:10 Geplanter Prüfpunkt
09-07-2014 11:16:59 Windows Update
14-07-2014 12:00:49 Microsoft Visual C++ 2005 Redistributable wird installiert

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {090B4D4B-B542-4D9A-88F7-3F5A3512D112} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D52067A-0190-4C97-85AB-8271D66A7E43} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED)
Task: {12FE9467-7BE1-4052-AC15-784A95D77B1F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {165153B5-9A27-4BE1-A68F-928336F5ACF2} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {1712139C-5B67-45C1-8BA7-1418449EE59D} - System32\Tasks\Fifth => C:\Users\Susanne\AppData\Roaming\Fifth\Fifth.exe [2014-03-12] () <==== ATTENTION
Task: {18D599A1-B941-40C5-838C-DCC88B1B2E0A} - System32\Tasks\OMESupervisor => C:\Users\Susanne\AppData\Local\omesuperv.exe <==== ATTENTION
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2729298D-1BFF-446A-999E-6F822976A37A} - System32\Tasks\HPCustParticipation HP Officejet 2620 series => C:\Program Files\HP\HP Officejet 2620 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {2A317ABC-8D62-4F34-BBF4-26EA3E6499C0} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3292D9EE-48C5-410F-AF04-BFD0EBA1077D} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED)
Task: {3329E385-DD96-413E-BCF6-BBC2BCEB7DE8} - System32\Tasks\AdobeAAMUpdater-1.0-ImperiuM13-Susanne => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3402EAE8-1274-49DB-B573-5C64208F513F} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace 
Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3602A744-9004-4EA2-913D-5D56656960E1} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {38102970-8EDC-4D0F-B392-5ACB63F9B6EE} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3C82C24F-057B-4BF5-A604-07082008C509} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {3F0F5010-951C-4021-AEB3-9C3252F592FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.) 
Task: {43DADC50-F1A8-434E-A9F3-62E9A4CEC742} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-08-14] (CyberLink) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {49BA771B-C8CF-472D-BFD0-BEBDD460E6E0} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {501098A6-4D64-488D-967E-5B4BB37D478E} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeupBySwitch => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {51DEBA5C-FCF5-461D-AA3E-0A5F43036037} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dontwant@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {54623B78-D489-45C5-B614-3E57A4698167} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {5BC506F2-F5A1-4515-B0B8-9A31655CAE6E} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {5C1BB5E8-B2B4-4154-8EC9-41DE600A91E0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {5D8559E3-3A4D-41A3-9547-D86FA579E55F} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {62A15338-BAFA-4D29-AB60-BE3565284B4E} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartBtnHndHKB => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {64391BCE-24ED-4623-89FD-64A20F6A4F86} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: 
{6731457A-5B27-4133-A2C9-2E2E2DDF9BFE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {727D15D1-2F11-48F3-BFD2-02453E736B1B} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2012-08-07] (FUJITSU LIMITED) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {82ECB38D-67CE-4782-8C96-8BBAFF15D336} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.) 
Task: {846E3C28-265E-4EBD-8A32-71F3BCA44E09} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {866ED5E4-B6AA-4CCC-BB38-D8324CD6FB44} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] () Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8AFCE3E1-8D9F-4EBB-AFB8-56979C7C920F} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {BF464B25-71E6-4441-8772-9CCE0EA11078} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {C29305DA-5282-496B-82F4-04465F1000FD} - System32\Tasks\Fujitsu\ApplicationPanel\DisableBtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D1919B36-2907-4266-B7D0-5B353AF21311} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe 
WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E426BCF1-E37D-45A7-91D7-E0279CD53E99} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED) Task: {E4CB033F-4645-413A-A92F-20E3F1700D07} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupNow => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EE12B894-AAF5-4898-B814-B28563620784} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {FAF47936-8FC3-4FB5-AE57-317BEE7F6567} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndSetWakeupSetting => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: {FC306AA2-92A0-4EAC-83DE-94FE26158111} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeup => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-01] (FUJITSU LIMITED) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2013-01-30 23:01 - 2011-02-17 20:13 - 00136704 _____ () 
C:\WINDOWS\System32\zlhp2600.dll 2012-09-04 14:31 - 2012-09-04 14:31 - 00047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll 2013-01-30 20:37 - 2012-04-24 05:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-01-30 18:21 - 2009-09-25 16:38 - 00312784 ____N () C:\Program Files (x86)\XSManager\WTGService.exe 2013-01-30 22:14 - 2012-10-12 17:39 - 06620752 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0407.dll 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-08-16 10:20 - 2012-08-16 10:20 - 00303480 _____ () C:\Program Files (x86)\FJ Camera\Monitor.exe 2013-01-30 17:00 - 2009-09-18 10:30 - 00614400 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2013-01-30 17:01 - 2008-09-10 12:49 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe 2013-11-06 10:18 - 2014-04-03 20:46 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2013-01-30 20:35 - 2011-10-28 03:27 - 00623912 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2011-10-28 10:27 - 2011-10-28 10:27 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2012-09-25 22:20 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-01-30 22:14 - 2012-10-12 17:39 - 06622288 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\res0407.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Susanne\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKCU\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" 
HKCU\...\StartupApproved\Run: => "Power2GoExpress8" HKCU\...\StartupApproved\Run: => "Skype" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/21/2014 07:59:40 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{e4e2e3b2-e3f3-49f4-9580-5b7711d5aff6}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/21/2014 07:59:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{4750e436-62bd-4dc7-b47f-1d0c1b1867f1}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/21/2014 07:59:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "RE" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/20/2014 09:59:11 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: SQLAgent$UPSWSDBINSTANCE8 Error: (07/20/2014 09:59:11 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: MSSQL$UPSWSDBINSTANCE8 Error: (07/20/2014 10:52:24 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (07/19/2014 09:50:48 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: SQLAgent$UPSWSDBINSTANCE8 Error: (07/19/2014 09:50:48 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: MSSQL$UPSWSDBINSTANCE8 Error: (07/19/2014 10:43:14 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{e4e2e3b2-e3f3-49f4-9580-5b7711d5aff6}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/19/2014 10:43:13 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{4750e436-62bd-4dc7-b47f-1d0c1b1867f1}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) System errors: ============= Error: (07/21/2014 07:15:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/21/2014 07:01:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/19/2014 09:50:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/18/2014 01:48:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/18/2014 09:05:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/17/2014 04:59:24 PM) (Source: Service Control 
Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/17/2014 10:03:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/16/2014 11:55:16 PM) (Source: DCOM) (EventID: 10010) (User: IMPERIUM13) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/16/2014 09:45:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (07/13/2014 02:08:30 PM) (Source: DCOM) (EventID: 10010) (User: IMPERIUM13) Description: {51FA2736-5DEE-11D4-98E8-006008BF430C} Microsoft Office Sessions: ========================= Error: (07/21/2014 07:59:40 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{e4e2e3b2-e3f3-49f4-9580-5b7711d5aff6}\Falscher Parameter. (0x80070057) Error: (07/21/2014 07:59:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{4750e436-62bd-4dc7-b47f-1d0c1b1867f1}\Falscher Parameter. (0x80070057) Error: (07/21/2014 07:59:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: REFalscher Parameter. 
(0x80070057) Error: (07/20/2014 09:59:11 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: SQLAgent$UPSWSDBINSTANCE8 Error: (07/20/2014 09:59:11 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: MSSQL$UPSWSDBINSTANCE8 Error: (07/20/2014 10:52:24 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestG:\downloads\SoftonicDownloader_for_vlc-media-player.exe Error: (07/19/2014 09:50:48 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: SQLAgent$UPSWSDBINSTANCE8 Error: (07/19/2014 09:50:48 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: MSSQL$UPSWSDBINSTANCE8 Error: (07/19/2014 10:43:14 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{e4e2e3b2-e3f3-49f4-9580-5b7711d5aff6}\Falscher Parameter. (0x80070057) Error: (07/19/2014 10:43:13 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{4750e436-62bd-4dc7-b47f-1d0c1b1867f1}\Falscher Parameter. (0x80070057) ==================== Memory info =========================== Percentage of memory in use: 24% Total physical RAM: 8074.81 MB Available physical RAM: 6069.54 MB Total Pagefile: 9354.81 MB Available Pagefile: 7092.74 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:74.22 GB) (Free:20.57 GB) NTFS Drive d: (DRIVERS) (Fixed) (Total:27.11 GB) (Free:26.99 GB) NTFS Drive g: (Datenträger) (Fixed) (Total:698.64 GB) (Free:663.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119 GB) (Disk ID: 00000000) Partition: GPT Partition Type. 
======================================================== Disk: 1 (Size: 699 GB) (Disk ID: 77E53F8D) Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Hello Schrauber, I got help more quickly from another help site. So before you invest any work, this is hereby settled!!!! I would still like to thank you; I cannot imagine what a user would do without you all. All the best!! |
21.07.2014, 13:41 | #4 |
/// the machine /// TB-Ausbilder | search.fbdownloader.com/?channel=de ok.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |