| tomtom 71 | 28.07.2013 21:41 |
Hallo in welchen Editor muss ich gehen
Vielen Dank im vorraus Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by thomas at 2013-07-28 21:13:27
Running from C:\Users\thomas\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.6) - Deutsch (Version: 10.1.6)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
Aquamarin Haushaltsbuch 2.9.2 b
Assassin's Creed (Version: 1.02)
Bluetooth Feature Pack 5.0 (Version: 5.0.14)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX (Version: 1.3.5.0)
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG5300 series Benutzerregistrierung
Canon MG5300 series MP Drivers
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
D3DX10 (Version: 15.4.2368.0902)
DealPly (remove only) (Version: 4.8.6.1)
Delta Chrome Toolbar
Die Sims™ 3 (Version: 1.19.44)
Die Sims™ 3 Design-Garten-Accessoires (Version: 7.0.55)
Die Sims™ 3 Late Night (Version: 6.0.81)
Dogz (remove only)
DRAGON 1.7 (Version: 1.7)
Dreamload Classic Client (Version: 1.587)
Dupehunter Professional (Version: 9.6.0.3935)
FEAR_Installer_Fix (Version: 1.0)
FireArc Arcade (Version: 0.5.11)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
Fotogalerie (Version: 16.4.3505.0912)
Free Video Converter V 3.1 (Version: 3.1.0.0)
Fujitsu Display Manager (Version: 7.00.20.210)
Fujitsu Hotkey Utility (Version: 3.60.1.0)
Fujitsu MobilityCenter Extension Utility (Version: 3.00.00.000)
Fujitsu System Extension Utility (Version: 3.1.1.0)
GameSpy Comrade (Version: 1.5.0.156)
GetDataBack for NTFS (Version: 4.22.000)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
High-Definition Video Playback (Version: 11.1.10400.2.65)
IB Updater Service (Version: 3.0.5.4)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2025)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 16.4.3505.0912)
LameXP
LifeBook Application Panel (Version: 8.1.0.0)
LogMeIn Hamachi (Version: 2.1.0.374)
MAGIX Foto Manager 10 (Version: 8.0.2.192)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Video easy SE (Version: 1.0.4.6)
Mein Pferd und ich 2 (Version: 1.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mobile Partner (Version: 11.302.06.07.40)
Movie Maker (Version: 16.4.3505.0912)
MP3-Check (v1.0.39.0) (Version: 1.0.39.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Nero 11 (Version: 11.0.15500)
Nero 11 Cliparts (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 1 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 2 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 3 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0)
Nero 11 Effects Basic (Version: 11.0.11200.12.0)
Nero 11 Image Samples (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 1 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 2 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 3 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 4 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 11 PiP Effects 1 (Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (Version: 11.0.11300.12.0)
Nero 11 Video Samples (Version: 11.0.11200.12.0)
Nero 11 Video Transitions 1 (Version: 11.0.11200.12.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 11 (Version: 6.0.16000.13.100)
Nero BackItUp 11 Help (CHM) (Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.10000.1.0)
Nero Burning ROM 11 (Version: 11.0.12200.23.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12300.0.23)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15000.1.12)
Nero CoverDesigner 11 (Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300)
Nero Express 11 (Version: 11.0.11700.23.100)
Nero Express 11 Help (CHM) (Version: 11.0.10300)
Nero Kwik Media (Version: 1.10.19300.93.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Recode 11 (Version: 5.0.13300.32.100)
Nero Recode 11 Help (CHM) (Version: 11.0.10300)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero SoundTrax 11 (Version: 5.0.10400.4.100)
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.10623.22.0)
Nero Video 11 (Version: 8.0.14000.21.100)
Nero Video 11 Help (CHM) (Version: 11.0.10300)
Nero WaveEditor 11 (Version: 6.0.10800.5.100)
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400)
nero.prerequisites.msi (Version: 11.0.20007)
Norton Internet Security CBE (Version: 20.4.0.40)
Open It! (Version: 1.1.1)
Origin (Version: 8.4.1.210)
Photo Gallery (Version: 16.4.3505.0912)
PhotoScape
Plugfree NETWORK (Version: 5.3.0.1)
Plugfree NETWORK (Version: 5.3.001)
Power Saving Utility (Version: 31.00.11.013)
PunkBuster Services (Version: 0.986)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.45)
Samsung Kies (Version: 2.5.0.12094_28)
Samsung Story Album Viewer (Version: 1.0.0.13052_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Sky iSaver (Version: 1.00.0000)
Skype™ 6.3 (Version: 6.3.107)
SpyHunter (Version: 4.14.5.4268)
Steam (Version: 1.0.0.0)
SweetIM for Messenger 3.7 (Version: 3.7.0005)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
TuneUp Utilities 2012 (Version: 12.0.3600.77)
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.77)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Zip Opener
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
Uplay (Version: 2.1)
Vegas Pro 10.0 (Version: 10.0.737)
Video Converter (Version: 1)
Video Converter Bundle by SweetPacks (Version: 1.0.0.0)
VLC media player 2.0.7 (Version: 2.0.7)
WBFS Manager 3.0 (Version: 3.0)
welcome (Version: 11.0.21500.0.4)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
WinRAR 4.11 (32-Bit) (Version: 4.11.0)
xp-AntiSpy 3.98-2
Zoner Photo Studio 10
==================== Restore Points =========================
27-07-2013 14:55:12 Wiederherstellungsvorgang
27-07-2013 20:43:37 Installed MSXML 6.0 Parser
27-07-2013 20:56:20 Windows Update
28-07-2013 10:36:22 Installed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:04 - 2012-08-18 21:11 - 00001995 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 www.nero.com/rus/support-customer-service-product-registration.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=X&oi=smap&resnum=1&ct=result&cd=6&usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
==================== Scheduled Tasks (whitelisted) =============
Task: {080B72F3-F78E-4374-B760-48B1F57B2FF8} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe No File
Task: {13FCB919-FD58-4E6F-9AFD-30ADCAEA0D37} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {1681DBED-8B90-4CFD-AA2B-AA66B94616AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {169B8D75-12DE-4564-8038-95972135EC3F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {21D1E7BA-B891-4DAF-9A98-8D4E33AD0426} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {21E86D7B-89FD-44FF-9A9D-BE03460509E9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1002 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {244B4E2D-7589-46BF-A67D-B5339F8CC917} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2879542182-2021505979-267118839-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {2A467054-32E6-4F75-A107-4D760080DC13} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {3E8FD932-7EDB-4F83-ABD1-683CBA148F5B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {45D6A1A3-7D95-4C56-890B-A5F926C84F0E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {47CC0866-26E0-4B1C-84A6-F019BF142929} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {480FB5A0-9C99-46AA-B024-FA762F27B275} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {48A1F7A9-4167-42C1-849F-C059462AD8C4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2013-06-27] (Enigma Software Group USA, LLC.)
Task: {52025B6D-08B2-4154-9CF3-77792CB299F8} - System32\Tasks\thomas => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2011-09-20] (Nero AG)
Task: {526A967F-D0B7-4485-84FB-D6E0129002C4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {5939BA2D-5CBB-48A5-8127-BE68CFBF4B90} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated)
Task: {5EDD096E-A02D-4ADB-AADF-13525DFCF6F8} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {65A1D8B9-D466-4C3C-9640-C24CB48B318C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {6C88E158-BD8E-41C2-8DDE-9B9BCF89F13E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {6DAAD977-537C-44EB-BD37-BC58699477B5} - System32\Tasks\EPUpdater => C:\Users\thomas\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-05-09] ()
Task: {732B4F74-A0DB-4D8F-ADF3-7BE92241E98D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {746E0D9C-E8AA-4698-83E3-7E2805EFA886} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {789AAC82-B03B-4D60-8F1C-501BFC2C73F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {7D75D10A-DB40-4FB3-8349-BA375A6ECDD7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {7F60ECC9-3069-42EC-AC6D-A3075EA8913C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {872F3AD9-3797-4D86-A513-3468FCA1CDEC} - System32\Tasks\thomas NBAgent 6 0 => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20] (Nero AG)
Task: {99F1B310-F199-40B7-AB52-C2AF27D69177} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2879542182-2021505979-267118839-1000
Task: {ACBDB9F7-7F60-481F-A67A-487AFF1F1C64} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe No File
Task: {B1A9AE39-059B-4005-B736-A1FC92129DFF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B660B0A0-FBA8-40A7-BEC5-CD26F1A29CC9} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {BA34EAF8-754D-49E1-A4C2-0D663EB95E8A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {BF08265F-CBC5-40F5-9405-3314EEC086C3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {C724B919-37DD-4578-B887-A448C1F4AD60} - System32\Tasks\RunAsStdUser Task => C:\Users\thomas\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe No File
Task: {C8C69B5D-A550-46F7-B1A9-CCBE877F0E66} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {CE043BBF-D1E4-49AE-B94A-196CF5001BDE} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {D47BB9D0-6DF7-4FB9-939A-DC9E62A0CC06} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2879542182-2021505979-267118839-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {DA170C4E-3BB0-48F8-B461-41FEF486D0BA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2879542182-2021505979-267118839-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {DC4116D6-411F-423E-8850-1315D7E071B9} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2013-06-29] (RealNetworks, Inc.)
Task: {DDC22CE6-6D18-4406-A9E3-6AAE0540558E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-28] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/28/2013 05:38:24 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16635 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3d54
Startzeit: 01ce8ba37dd7ea30
Endzeit: 537
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (07/28/2013 02:20:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2013 02:04:03 PM) (Source: Application Hang) (User: )
Description: Programm SpyHunter4.exe, Version 4.14.5.4268 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 32ac
Startzeit: 01ce8b7e7ca605cb
Endzeit: 7
Anwendungspfad: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Berichts-ID:
Error: (07/28/2013 00:48:26 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16635 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d64
Startzeit: 01ce8b7dd3d26334
Endzeit: 35
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (07/28/2013 11:53:44 AM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16635 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1dec
Startzeit: 01ce8b77a4adf6e5
Endzeit: 203
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (07/28/2013 10:03:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2013 05:07:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2013 03:15:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2013 10:41:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2013 09:20:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (07/28/2013 03:49:12 PM) (Source: DCOM) (User: thomas-PC)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}thomas-PCthomasS-1-5-21-2879542182-2021505979-267118839-1000LocalHost (unter Verwendung von LRPC)
Error: (07/28/2013 03:49:12 PM) (Source: DCOM) (User: thomas-PC)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}thomas-PCthomasS-1-5-21-2879542182-2021505979-267118839-1000LocalHost (unter Verwendung von LRPC)
Error: (07/28/2013 02:56:21 PM) (Source: NetBT) (User: )
Description: Der Name "THOMAS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.65
registriert werden. Der Computer mit IP-Adresse 192.168.1.64 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (07/28/2013 02:56:20 PM) (Source: NetBT) (User: )
Description: Der Name "THOMAS-PC :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.65
registriert werden. Der Computer mit IP-Adresse 192.168.1.64 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (07/28/2013 02:56:20 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{38B7263F-FE34-40EC-AC92-2F324E6483EE} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (07/28/2013 02:19:38 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfsync02
Error: (07/28/2013 02:18:38 PM) (Source: Application Popup) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.
Error: (07/28/2013 00:54:02 PM) (Source: NetBT) (User: )
Description: Der Name "THOMAS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.65
registriert werden. Der Computer mit IP-Adresse 192.168.1.64 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (07/28/2013 00:52:43 PM) (Source: SymEFA) (User: )
Description: Failed to create System Volume Information folder on \Device\HarddiskVolume7.
Error: (07/28/2013 00:52:43 PM) (Source: Ntfs) (User: )
Description: Auf dem Volume "F:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 74%
Total physical RAM: 2996.55 MB
Available physical RAM: 768.5 MB
Total Pagefile: 5991.41 MB
Available Pagefile: 2731 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.45 GB) (Free:108.29 GB) NTFS
Drive e: () (Fixed) (Total:228.21 GB) (Free:102.73 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F9F4677C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=228 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by thomas (administrator) on 28-07-2013 21:13:08
Running from C:\Users\thomas\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Enigma Software Group USA, LLC.) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\system32\dmwu.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\system32\PnkBstrA.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Nero AG) C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(infoMantis GmbH) C:\Program Files\iSaver\iSaverCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(IGN Entertainment Inc.) C:\Program Files\GameSpy\Comrade\Comrade.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Windows\System32\jmdp\stij.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() C:\Program Files\DRAGON\dragon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] - C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-14] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [138088 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [33640 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-06-23] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [CSRSkype] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346512 2009-12-24] (CSR, plc)
HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504208 2009-12-24] (CSR, plc)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] - C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2011-09-20] (Nero AG)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [CSRBIP] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe [306088 2009-12-24] (CSR, plc)
HKLM\...\Run: [CSRFTP] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe [331680 2009-12-24] (CSR, plc)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iSaverCtrl] - C:\Program Files\iSaver\iSaverCtrl.exe [1160192 2009-06-08] (infoMantis GmbH)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [Comrade.exe] - C:\Program Files\GameSpy\Comrade\Comrade.exe [36864 2007-06-29] (IGN Entertainment Inc.)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [1631144 2013-04-19] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18680424 2013-05-08] (Skype Technologies S.A.)
HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION
MountPoints2: {11c37ad9-5ed6-11e2-91ea-e0ca945966a0} - F:\AutoRun.exe
MountPoints2: {5b1337cf-8d6a-11e2-abaf-e0ca945966a0} - F:\AutoRun.exe
MountPoints2: {e9e80cd6-0ac8-11e2-9aab-e0ca945966a0} - F:\LaunchU3.exe -a
HKU\Anja\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-05-08] (Skype Technologies S.A.)
Startup: C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119357&tt=gc_&babsrc=SP_ss&mntrId=36F95C9AD85ABD2D
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&st=5&q={searchTerms}&barid={4D6EC63E-E96B-11E1-AF61-E0CA945966A0}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
========================== Services (Whitelisted) =================
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1167152 2013-05-21] ()
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [641832 2011-09-23] (Nero AG)
R2 NIS; C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation)
S4 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [249344 2010-06-23] (FUJITSU LIMITED)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-02-05] ()
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [770432 2013-06-27] (Enigma Software Group USA, LLC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)
S4 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [111536 2009-12-24] (CSR, plc)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2012-10-20] ()
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001_bf9\BHDrvx86.sys [1002072 2013-07-15] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-18] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] ()
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [5888 2006-11-01] (FUJITSU LIMITED)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [101120 2009-10-12] (Huawei Technologies Co., Ltd.)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130726.001_c51\IDSvix86.sys [386720 2013-07-26] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-10-20] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130727.004\NAVENG.SYS [93272 2013-07-26] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130727.004\NAVEX15.SYS [1611992 2013-07-26] (Symantec Corporation)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce))
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1404000.028\SYMNETS.SYS [339544 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-02-09] (TuneUp Software)
U2 ccEvtMgr;
U2 ccSetMgr;
U3 navapsvc;
U3 SAVRT;
U1 SAVRTPEL;
U3 TlntSvr;
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U3 uwdiipoc; \??\C:\Users\thomas\AppData\Local\Temp\uwdiipoc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-28 21:08 - 2013-07-28 21:08 - 01221130 _____ (Farbar) C:\Users\thomas\Desktop\FRST.exe
2013-07-28 20:38 - 2013-07-28 20:39 - 00081126 _____ C:\Users\thomas\Downloads\VA-Bravo_Hits_Vol_82-2CD-2013-VOiCE.nzb
2013-07-28 20:30 - 2013-07-28 20:30 - 00098259 _____ C:\Users\thomas\Downloads\Bravo Hits 82.nzb
2013-07-28 20:19 - 2013-07-28 20:19 - 00002130 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-28 20:18 - 2013-07-28 20:18 - 00148188 _____ C:\Users\thomas\Downloads\VA-Bravo_Hits_Vol.82-2CD-2013-VOiCE.nzb
2013-07-28 15:51 - 2013-07-28 15:51 - 00015745 _____ C:\Users\thomas\Desktop\OTL.rar
2013-07-28 14:55 - 2013-07-28 14:55 - 00024007 _____ C:\Users\thomas\Desktop\gmer.log
2013-07-28 14:15 - 2013-07-28 14:15 - 00073790 _____ C:\Users\thomas\Desktop\Extras.Txt
2013-07-28 14:14 - 2013-07-28 14:16 - 00122864 _____ C:\Users\thomas\Desktop\OTL.Txt
2013-07-28 14:00 - 2013-07-28 15:28 - 00000474 _____ C:\Users\thomas\Desktop\defogger_disable.log
2013-07-28 14:00 - 2013-07-28 14:00 - 00000000 _____ C:\Users\thomas\defogger_reenable
2013-07-28 13:57 - 2013-07-28 13:57 - 00377856 _____ C:\Users\thomas\Desktop\gmer_2.1.19163.exe
2013-07-28 13:56 - 2013-07-28 13:56 - 00602112 _____ (OldTimer Tools) C:\Users\thomas\Desktop\OTL.exe
2013-07-28 13:56 - 2013-07-28 13:56 - 00050477 _____ C:\Users\thomas\Desktop\Defogger.exe
2013-07-28 13:30 - 2013-07-28 13:30 - 00039892 _____ C:\FRST.txt
2013-07-28 13:30 - 2013-07-28 13:30 - 00028385 _____ C:\Addition.txt
2013-07-28 13:28 - 2013-07-28 13:28 - 00000000 ____D C:\FRST
2013-07-28 12:37 - 2013-07-28 12:37 - 00002204 _____ C:\Users\thomas\Desktop\SpyHunter.lnk
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\sh4ldr
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-28 12:36 - 2013-07-28 12:37 - 00000000 ____D C:\Windows\471D8B37C5B344579FA1B3C693334F4F.TMP
2013-07-28 12:36 - 2013-07-28 12:36 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-07-27 22:44 - 2013-07-27 22:55 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Aquamarin Haushaltsbuch
2013-07-27 22:43 - 2013-07-27 22:43 - 00000985 _____ C:\Users\Public\Desktop\Haushaltsbuch.lnk
2013-07-27 22:43 - 2013-07-27 22:43 - 00000000 ____D C:\Program Files\Haushaltsbuch
2013-07-27 22:43 - 2000-05-22 16:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2013-07-27 22:43 - 1998-06-18 00:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\RACREG32.DLL
2013-07-27 22:43 - 1998-06-18 00:00 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ODKOB32.DLL
2013-07-27 16:43 - 2013-07-27 16:43 - 00002400 _____ C:\{1D7FB0F4-BE5E-4946-B155-14DFB8B3C9AE}
2013-07-26 21:14 - 2013-07-26 21:14 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-07-26 21:13 - 2013-07-26 21:13 - 00000000 ____D C:\Users\thomas\Documents\eRightSoft
2013-07-23 18:11 - 2013-07-23 18:11 - 00280660 _____ C:\Users\Anja\Downloads\Gangbanged.6.XXX.DVDRiP.x264-PORNOLATiON.par2.nzb
2013-07-21 21:01 - 2013-07-27 17:01 - 00000000 ____D C:\Users\thomas\Downloads\Musik
2013-07-20 23:47 - 2013-07-27 17:03 - 00000000 ____D C:\Program Files\Wajam
2013-07-20 23:47 - 2013-07-20 23:47 - 00000000 ____D C:\Program Files\eRightSoft
2013-07-12 23:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 23:35 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 23:35 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 23:35 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 23:35 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 23:35 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 21:42 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-12 21:42 - 2013-06-04 05:17 - 02356224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 21:42 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-12 21:42 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 10:50 - 2013-07-07 10:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-03 07:00 - 2013-07-28 11:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-03 06:39 - 2013-07-03 06:39 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-07-02 22:04 - 2013-07-27 17:03 - 00000000 ____D C:\Users\thomas\Downloads\VA_-_Ballermann_2013_NoGroup
2013-06-30 16:28 - 2013-06-30 16:28 - 00000000 ____D C:\Users\thomas\AppData\Local\WBFSManager
2013-06-30 16:27 - 2013-06-30 16:27 - 00001067 _____ C:\Users\thomas\Desktop\WBFS Manager 3.0.lnk
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Users\thomas\Documents\WBFS Manager Covers
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Program Files\WBFS
2013-06-29 20:37 - 2013-06-29 20:37 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-29 20:37 - 2013-06-29 20:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-29 20:03 - 2013-06-29 20:04 - 21703480 _____ (Mozilla) C:\Users\thomas\Downloads\Firefox_Setup_22.0.exe
2013-06-29 18:53 - 2013-06-29 18:53 - 00001102 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2013-06-29 18:53 - 2013-06-29 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-06-29 18:53 - 2013-06-29 18:53 - 00000000 ____D C:\Program Files\RealNetworks
2013-06-29 18:52 - 2013-06-29 18:52 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-06-28 20:17 - 2013-06-28 20:17 - 00000984 _____ C:\Users\Public\Desktop\VLC media player.lnk
==================== One Month Modified Files and Folders =======
2013-07-28 21:08 - 2013-07-28 21:08 - 01221130 _____ (Farbar) C:\Users\thomas\Desktop\FRST.exe
2013-07-28 21:06 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 21:06 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 20:52 - 2012-10-10 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-28 20:39 - 2013-07-28 20:38 - 00081126 _____ C:\Users\thomas\Downloads\VA-Bravo_Hits_Vol_82-2CD-2013-VOiCE.nzb
2013-07-28 20:30 - 2013-07-28 20:30 - 00098259 _____ C:\Users\thomas\Downloads\Bravo Hits 82.nzb
2013-07-28 20:19 - 2013-07-28 20:19 - 00002130 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-28 20:19 - 2012-08-20 13:45 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 20:18 - 2013-07-28 20:18 - 00148188 _____ C:\Users\thomas\Downloads\VA-Bravo_Hits_Vol.82-2CD-2013-VOiCE.nzb
2013-07-28 20:18 - 2012-08-20 13:45 - 00000000 ____D C:\Program Files\Google
2013-07-28 19:28 - 2010-11-20 23:01 - 01536340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 17:16 - 2012-08-20 13:45 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 17:10 - 2012-08-18 16:59 - 01670298 _____ C:\Windows\WindowsUpdate.log
2013-07-28 16:28 - 2012-08-22 21:00 - 00000000 ____D C:\Users\thomas\AppData\Local\Adobe
2013-07-28 16:27 - 2012-08-18 17:08 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-28 16:27 - 2012-08-18 17:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-28 15:51 - 2013-07-28 15:51 - 00015745 _____ C:\Users\thomas\Desktop\OTL.rar
2013-07-28 15:28 - 2013-07-28 14:00 - 00000474 _____ C:\Users\thomas\Desktop\defogger_disable.log
2013-07-28 15:27 - 2012-10-14 22:04 - 00000000 ____D C:\ProgramData\SlySoft
2013-07-28 14:55 - 2013-07-28 14:55 - 00024007 _____ C:\Users\thomas\Desktop\gmer.log
2013-07-28 14:22 - 2013-02-08 08:50 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Skype
2013-07-28 14:20 - 2013-02-19 21:27 - 00000000 ____D C:\Program Files\Steam
2013-07-28 14:20 - 2013-02-16 12:14 - 00000000 ____D C:\Users\thomas\AppData\Local\LogMeIn Hamachi
2013-07-28 14:19 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 14:19 - 2009-07-14 06:39 - 00052178 _____ C:\Windows\setupact.log
2013-07-28 14:18 - 2010-11-20 23:48 - 00085472 _____ C:\Windows\PFRO.log
2013-07-28 14:16 - 2013-07-28 14:14 - 00122864 _____ C:\Users\thomas\Desktop\OTL.Txt
2013-07-28 14:15 - 2013-07-28 14:15 - 00073790 _____ C:\Users\thomas\Desktop\Extras.Txt
2013-07-28 14:00 - 2013-07-28 14:00 - 00000000 _____ C:\Users\thomas\defogger_reenable
2013-07-28 14:00 - 2012-08-18 17:07 - 00000000 ____D C:\Users\thomas
2013-07-28 13:57 - 2013-07-28 13:57 - 00377856 _____ C:\Users\thomas\Desktop\gmer_2.1.19163.exe
2013-07-28 13:56 - 2013-07-28 13:56 - 00602112 _____ (OldTimer Tools) C:\Users\thomas\Desktop\OTL.exe
2013-07-28 13:56 - 2013-07-28 13:56 - 00050477 _____ C:\Users\thomas\Desktop\Defogger.exe
2013-07-28 13:34 - 2012-08-18 19:41 - 00000000 ____D C:\Users\thomas\AppData\Local\Windows Live
2013-07-28 13:30 - 2013-07-28 13:30 - 00039892 _____ C:\FRST.txt
2013-07-28 13:30 - 2013-07-28 13:30 - 00028385 _____ C:\Addition.txt
2013-07-28 13:28 - 2013-07-28 13:28 - 00000000 ____D C:\FRST
2013-07-28 13:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-28 12:37 - 2013-07-28 12:37 - 00002204 _____ C:\Users\thomas\Desktop\SpyHunter.lnk
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\sh4ldr
2013-07-28 12:37 - 2013-07-28 12:37 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-28 12:37 - 2013-07-28 12:36 - 00000000 ____D C:\Windows\471D8B37C5B344579FA1B3C693334F4F.TMP
2013-07-28 12:36 - 2013-07-28 12:36 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-07-28 11:09 - 2013-07-03 07:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-28 10:18 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-27 22:55 - 2013-07-27 22:44 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Aquamarin Haushaltsbuch
2013-07-27 22:43 - 2013-07-27 22:43 - 00000985 _____ C:\Users\Public\Desktop\Haushaltsbuch.lnk
2013-07-27 22:43 - 2013-07-27 22:43 - 00000000 ____D C:\Program Files\Haushaltsbuch
2013-07-27 17:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-07-27 17:04 - 2012-08-22 17:31 - 00000000 ____D C:\Users\Janine
2013-07-27 17:04 - 2012-08-20 13:10 - 00000000 ____D C:\Users\Anja
2013-07-27 17:04 - 2011-04-12 03:38 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-27 17:03 - 2013-07-20 23:47 - 00000000 ____D C:\Program Files\Wajam
2013-07-27 17:03 - 2013-07-02 22:04 - 00000000 ____D C:\Users\thomas\Downloads\VA_-_Ballermann_2013_NoGroup
2013-07-27 17:03 - 2013-06-15 18:37 - 00000000 ____D C:\Users\thomas\Downloads\German_TOP100_Single_Charts_17_06_2013-NoGroup
2013-07-27 17:03 - 2013-06-13 21:05 - 00000000 ____D C:\Users\thomas\Downloads\VA-Just_The_Best_Sommer_Hits_1990-Heute_-3CD-2013-VOiCE
2013-07-27 17:03 - 2013-05-22 12:37 - 00000000 ____D C:\ProgramData\Norton
2013-07-27 17:03 - 2013-05-06 21:01 - 00000000 ____D C:\Users\Janine\AppData\Roaming\PhotoScape
2013-07-27 17:03 - 2013-04-21 12:09 - 00000000 ____D C:\Users\thomas\Downloads\VA_-_The_Sound_of_the_80s_Vol.4-Bootleg-2013-SYNDIKAT
2013-07-27 17:03 - 2013-03-22 08:03 - 00000000 ____D C:\Users\thomas\Downloads\VA-The_Dome_Vol.65-2CD-2013-VOiCE
2013-07-27 17:03 - 2013-03-22 08:03 - 00000000 ____D C:\Users\thomas\Downloads\SpongeBob-Bobstar-Das_Total_Abgedrehte_Album-_2013_-NoGroup
2013-07-27 17:03 - 2013-03-22 07:52 - 00000000 ____D C:\Users\thomas\Downloads\Onerepublic-Native-2013-OMA
2013-07-27 17:03 - 2013-03-19 15:31 - 00000000 ____D C:\Users\thomas\Downloads\VA-Best_Of_2013-Fruehlingshits-_2013_-NoGroup
2013-07-27 17:03 - 2013-03-11 19:53 - 00000000 ____D C:\Users\thomas\Downloads\Hurts-Exile-2013-OMA
2013-07-27 17:03 - 2013-01-19 20:17 - 00000000 ____D C:\Users\thomas\Downloads\Depeche_Mode-The_Best_Of_Vol.1-_2006_-NoGroup (1)
2013-07-27 17:03 - 2013-01-19 20:00 - 00000000 ____D C:\Users\thomas\Downloads\Depeche_Mode-The_Best_Of_Vol.1-_2006_-NoGroup
2013-07-27 17:03 - 2012-12-10 16:28 - 00000000 ____D C:\Users\Janine\AppData\Roaming\ScreeNet iSaver
2013-07-27 17:03 - 2012-12-06 21:53 - 00000000 ____D C:\Users\Anja\AppData\Roaming\ScreeNet iSaver
2013-07-27 17:03 - 2012-11-24 20:55 - 00000000 ____D C:\Users\thomas\AppData\Roaming\ScreeNet iSaver
2013-07-27 17:03 - 2012-11-19 16:00 - 00000000 ____D C:\Users\Anja\AppData\Local\LogMeIn Hamachi
2013-07-27 17:03 - 2012-11-18 20:51 - 00000000 ____D C:\Users\Janine\AppData\Local\LogMeIn Hamachi
2013-07-27 17:03 - 2012-11-18 17:52 - 00000000 ____D C:\Users\Janine\Downloads\Survivers_Beta_3_Data
2013-07-27 17:03 - 2012-11-16 19:51 - 00000000 ____D C:\Users\thomas\Downloads\VA-Best_of_Black_2012-2CD-2012-VOiCE
2013-07-27 17:03 - 2012-11-16 19:47 - 00000000 ____D C:\Users\thomas\Downloads\Pitbull-Global_Warming-2012-CR
2013-07-27 17:03 - 2012-11-11 13:59 - 00000000 ____D C:\Users\thomas\Downloads\One_Direction-Take_Me_Home_Limited_Yearbook_Edition_-2012-pLAN9
2013-07-27 17:03 - 2012-11-01 12:47 - 00000000 ____D C:\Users\thomas\Downloads\Ne-Yo-R.E.D.-_Deluxe_Edition_-2012-CR
2013-07-27 17:03 - 2012-10-31 17:59 - 00000000 ____D C:\Users\thomas\Downloads\Ice_Cube-10_Great_Songs-2012-MTD
2013-07-27 17:03 - 2012-09-19 22:08 - 00000000 ____D C:\Users\thomas\Downloads\VA-X-Diaries_Vol._4-Love_Sun_Fun-_2012_-NoGroup (1)
2013-07-27 17:03 - 2012-09-10 17:18 - 00000000 ____D C:\Users\thomas\Downloads\David_Guetta-Nothing_But_the_Beat_2.0-WEB-2012-VOiCE
2013-07-27 17:03 - 2012-08-20 14:09 - 00000000 ____D C:\Users\Anja\AppData\Roaming\vlc
2013-07-27 17:03 - 2012-08-20 13:54 - 00000000 ____D C:\Users\Anja\AppData\Local\sabnzbd
2013-07-27 17:03 - 2012-08-19 00:06 - 00000000 ____D C:\Users\thomas\AppData\Roaming\vlc
2013-07-27 17:03 - 2012-08-18 22:53 - 00000000 ____D C:\Users\thomas\AppData\Local\sabnzbd
2013-07-27 17:03 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2013-07-27 17:01 - 2013-07-21 21:01 - 00000000 ____D C:\Users\thomas\Downloads\Musik
2013-07-27 17:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-07-27 16:58 - 2012-08-18 21:33 - 00000000 ____D C:\ProgramData\Real
2013-07-27 16:43 - 2013-07-27 16:43 - 00002400 _____ C:\{1D7FB0F4-BE5E-4946-B155-14DFB8B3C9AE}
2013-07-27 15:42 - 2012-08-18 19:26 - 00000000 ____D C:\Users\thomas\AppData\Local\VirtualStore
2013-07-26 21:14 - 2013-07-26 21:14 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-07-26 21:13 - 2013-07-26 21:13 - 00000000 ____D C:\Users\thomas\Documents\eRightSoft
2013-07-23 19:36 - 2013-03-28 13:23 - 00000000 ____D C:\Users\Anja\AppData\Local\Windows Live
2013-07-23 18:11 - 2013-07-23 18:11 - 00280660 _____ C:\Users\Anja\Downloads\Gangbanged.6.XXX.DVDRiP.x264-PORNOLATiON.par2.nzb
2013-07-21 19:09 - 2013-05-26 14:28 - 00000000 ____D C:\Users\thomas\AppData\Local\CrashDumps
2013-07-20 23:47 - 2013-07-20 23:47 - 00000000 ____D C:\Program Files\eRightSoft
2013-07-20 22:59 - 2013-01-05 22:50 - 00000013 _____ C:\Users\thomas\Desktop\server.txt
2013-07-19 11:10 - 2013-02-06 12:11 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-13 14:53 - 2013-05-23 19:45 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Yontoo
2013-07-13 11:05 - 2009-07-14 06:33 - 00451776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 11:04 - 2012-08-18 19:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 11:04 - 2011-04-12 03:38 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 11:04 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 23:35 - 2012-08-18 20:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 23:27 - 2012-08-18 19:07 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-07 10:50 - 2013-07-07 10:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-04 17:21 - 2013-06-12 18:40 - 00000000 ____D C:\Users\Janine\AppData\Local\CrashDumps
2013-07-03 12:34 - 2012-08-18 17:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-03 12:33 - 2013-05-01 12:40 - 00001908 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-07-03 12:33 - 2012-08-22 13:45 - 00000000 ____D C:\Program Files\Samsung
2013-07-03 12:33 - 2012-08-22 13:44 - 00000000 ____D C:\Users\thomas\AppData\Local\Downloaded Installations
2013-07-03 06:39 - 2013-07-03 06:39 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-06-30 16:28 - 2013-06-30 16:28 - 00000000 ____D C:\Users\thomas\AppData\Local\WBFSManager
2013-06-30 16:27 - 2013-06-30 16:27 - 00001067 _____ C:\Users\thomas\Desktop\WBFS Manager 3.0.lnk
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Users\thomas\Documents\WBFS Manager Covers
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
2013-06-30 16:27 - 2013-06-30 16:27 - 00000000 ____D C:\Program Files\WBFS
2013-06-29 20:37 - 2013-06-29 20:37 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-29 20:37 - 2013-06-29 20:37 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-29 20:37 - 2013-06-29 20:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-29 20:37 - 2012-08-18 17:08 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-06-29 20:37 - 2012-08-18 17:08 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-06-29 20:04 - 2013-06-29 20:03 - 21703480 _____ (Mozilla) C:\Users\thomas\Downloads\Firefox_Setup_22.0.exe
2013-06-29 18:53 - 2013-06-29 18:53 - 00001102 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2013-06-29 18:53 - 2013-06-29 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-06-29 18:53 - 2013-06-29 18:53 - 00000000 ____D C:\Program Files\RealNetworks
2013-06-29 18:52 - 2013-06-29 18:52 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-06-29 18:52 - 2012-12-20 11:59 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2013-06-29 18:51 - 2012-12-20 11:59 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2013-06-29 18:51 - 2012-12-20 11:59 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2013-06-29 18:51 - 2012-08-18 21:33 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
2013-06-29 18:50 - 2012-12-20 11:59 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2013-06-29 18:50 - 2012-12-20 11:59 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2013-06-28 20:17 - 2013-06-28 20:17 - 00000984 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-06-28 20:15 - 2012-08-18 19:19 - 00000000 ____D C:\Windows\system32\Adobe
2013-06-28 16:24 - 2012-11-01 18:47 - 00000000 ____D C:\Users\thomas\Documents\SelfMV
Files to move or delete:
====================
C:\Users\thomas\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2012-05-09 05:16] - [2012-05-09 05:16] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB
C:\Windows\System32\winlogon.exe
[2012-05-09 04:48] - [2012-05-09 04:48] - 0287232 ____A (Microsoft Corporation) 7295110E1BF93885D29480D29D967E0F
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe
[2012-05-09 04:17] - [2012-05-09 04:17] - 0021504 ____A (Microsoft Corporation) ECDB182F885292145826C58252B53000
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 04:55] - [2012-05-09 04:55] - 0811520 ____A (Microsoft Corporation) F423305D648659593E61ADE582B53E69
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 04:55] - [2012-05-09 04:55] - 0246128 ____A (Microsoft Corporation) 4B93EBB74FBAA2A6C16A7E65ABCF1F16
LastRegBack: 2013-07-17 08:56
==================== End Of Log ============================
--- --- ---
--- --- --- |
FRST 32-Bit | FRST 64-Bit
So funktioniert es: