Thanks for the quick reply. I've attached the two files. Or should I provide them some other way? I just saw it, sorry :P
OTL Code:
OTL logfile created on: 05.11.2013 17:58:16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Johannes Schwaiger\Downloads\Programme Save
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,93 Gb Total Physical Memory | 5,03 Gb Available Physical Memory | 63,34% Memory free
30,93 Gb Paging File | 26,93 Gb Available in Paging File | 87,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,42 Gb Total Space | 298,49 Gb Free Space | 64,13% Space Free | Partition Type: NTFS
Drive H: | 7,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: KICKASS | User Name: Johannes Schwaiger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.10.29 18:14:16 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Spiele\TS 3\ts3client_win32.exe
PRC - [2013.10.29 17:48:56 | 004,089,696 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\LoLLauncher.exe
PRC - [2013.10.09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.10.05 02:02:34 | 000,065,312 | ---- | M] (glindorus) -- C:\Program Files (x86)\glindorus\updateglindorus.exe
PRC - [2013.09.23 09:21:16 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.09.23 09:20:53 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.09.05 15:04:04 | 001,411,448 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2013.08.30 23:10:20 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013.07.15 15:15:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes Schwaiger\Downloads\Programme Save\OTL.exe
PRC - [2013.07.10 15:56:57 | 000,074,752 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.55\deploy\LolClient.exe
PRC - [2013.06.19 19:40:42 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.25 18:58:54 | 001,300,376 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012.02.28 15:09:18 | 003,128,856 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
========== Modules (No Company Name) ==========
MOD - [2013.10.29 18:14:16 | 000,555,496 | ---- | M] () -- C:\Spiele\TS 3\plugins\teamspeak_control_plugin.dll
MOD - [2013.10.29 18:14:16 | 000,431,080 | ---- | M] () -- C:\Spiele\TS 3\plugins\clientquery_plugin.dll
MOD - [2013.10.29 18:14:16 | 000,237,032 | ---- | M] () -- C:\Spiele\TS 3\soundbackends\windowsaudiosession_win32.dll
MOD - [2013.10.29 18:14:16 | 000,230,376 | ---- | M] () -- C:\Spiele\TS 3\soundbackends\directsound_win32.dll
MOD - [2013.10.29 17:48:56 | 004,089,696 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\LoLLauncher.exe
MOD - [2013.10.29 17:48:56 | 000,124,928 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\RiotLauncher.dll
MOD - [2013.10.09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
MOD - [2013.10.09 01:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013.10.09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013.10.09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013.10.09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013.10.09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013.07.10 15:56:57 | 000,074,752 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.55\deploy\LolClient.exe
MOD - [2012.10.29 11:08:18 | 000,195,584 | ---- | M] () -- C:\Spiele\TS 3\imageformats\_old_qjpeg4.dll
MOD - [2012.10.29 11:08:18 | 000,025,600 | ---- | M] () -- C:\Spiele\TS 3\imageformats\_old_qgif4.dll
MOD - [2012.10.25 18:58:54 | 001,300,376 | ---- | M] () -- C:\Spiele\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012.09.23 19:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.08.16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.06.24 23:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.06.01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.05.04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.04.09 05:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.01.10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 00:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.11.06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.07.26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.10.29 18:16:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.05 02:02:34 | 000,065,312 | ---- | M] (glindorus) [Auto | Running] -- C:\Program Files (x86)\glindorus\updateglindorus.exe -- (Update glindorus)
SRV - [2013.09.23 09:21:16 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.09.23 09:20:53 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.08.30 23:10:20 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013.08.12 13:11:07 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.10 02:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.19 19:40:42 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.07.26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.20 13:00:51 | 002,635,776 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2012.02.28 15:09:18 | 003,128,856 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.09.23 09:21:19 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.09.23 09:21:19 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.08.30 22:53:13 | 000,052,080 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2013.08.30 22:51:25 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2013.08.16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013.07.09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.07.02 02:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.07.02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.07.02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.07.02 01:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.07.01 23:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.06.29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.10 22:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.06.01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.05.04 08:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 11:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.26 14:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.01.10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.21 07:46:02 | 000,104,184 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.09.20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.07.30 17:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VClone.sys -- (VClone)
DRV - [2012.01.31 17:41:08 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010.09.16 16:02:59 | 000,045,664 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys -- (TelekomNM6)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5E 03 AA 49 DC FD CD 01 [binary data]
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..\SearchScopes\{F26CF4E4-F320-4887-81FF-BC551EF3AE3E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=15f1751a-7637-48e1-8353-4f819e5dfef7&apn_sauid=5B178328-334B-4E30-8227-DCBDC3C3ECCA
IE - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: cryenginebrowserplugin%40crytek.com:0.35.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Johannes Schwaiger\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.08.07 17:36:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.08.07 17:36:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2013.01.29 23:15:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\Extensions
[2013.11.05 17:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\Firefox\Profiles\gxpn4ipj.default\extensions
[2013.07.29 00:13:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\Firefox\Profiles\gxpn4ipj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.07.29 00:13:14 | 000,000,000 | ---D | M] (GFACE Experience Plugin) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\Firefox\Profiles\gxpn4ipj.default\extensions\cryenginebrowserplugin@crytek.com
[2013.07.29 00:13:14 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\Firefox\Profiles\gxpn4ipj.default\extensions\ich@maltegoetz.de
[2013.10.05 02:02:34 | 000,007,523 | ---- | M] () (No name found) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\firefox\profiles\gxpn4ipj.default\extensions\firefox@glindorus.net.xpi
[2013.08.12 13:09:32 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\firefox\profiles\gxpn4ipj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.01 21:33:38 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Johannes Schwaiger\AppData\Roaming\mozilla\firefox\profiles\gxpn4ipj.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.08.12 13:11:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.08.12 13:11:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\Johannes Schwaiger\AppData\Roaming\raidcall\plugins\nprcplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: glindorus = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe\1.0.0_0\
CHR - Extension: Google Docs = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: James White = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
CHR - Extension: Google-Suche = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: ProxMate - Improve your Internet! = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0\
CHR - Extension: Google Wallet = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Mail = C:\Users\Johannes Schwaiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (glindorus) - {9598e82a-7e09-4438-b425-b9e9718c3c73} - C:\Program Files (x86)\glindorus\glindorusbho.dll (glindorus)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [Spotify] C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [Spotify Web Helper] C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Johannes Schwaiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Johannes Schwaiger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-641962192-3957690694-3295196625-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61EB88C6-6AF1-4DE3-BFF4-D7BCD7AB1FB9}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.07.14 18:05:40 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.05.25 05:16:57 | 000,000,046 | -H-- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{a94fd9d3-69bb-11e2-be65-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a94fd9d3-69bb-11e2-be65-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Installer.exe -- [2010.05.25 05:16:57 | 002,505,256 | ---- | M] ()
O33 - MountPoints2\{c4ca6d89-6ba4-11e2-be69-d43d7e37f014}\Shell - "" = AutoRun
O33 - MountPoints2\{c4ca6d89-6ba4-11e2-be69-d43d7e37f014}\Shell\AutoRun\command - "" = "F:\Setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.11.05 17:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\glindorus
[2013.11.03 15:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-bit)
[2013.11.01 21:06:44 | 000,000,000 | ---D | C] -- C:\Users\Johannes Schwaiger\AppData\Roaming\GeoGebra 4.4
[2013.11.01 21:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.4
[2013.10.31 20:37:06 | 000,000,000 | ---D | C] -- C:\Users\Johannes Schwaiger\Desktop\pic
[2013.10.30 22:37:16 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013.10.30 16:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.26 10:55:06 | 000,000,000 | ---D | C] -- C:\Users\Johannes Schwaiger\Desktop\Uni
[2013.10.25 16:59:24 | 000,000,000 | ---D | C] -- C:\Users\Johannes Schwaiger\Desktop\pdf müll
[2013.10.25 16:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHYWE Systeme
[2013.10.25 16:35:01 | 000,000,000 | ---D | C] -- C:\Uni Programme
[8 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.11.05 17:58:47 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.05 17:58:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.05 17:33:25 | 000,581,957 | ---- | M] () -- C:\Users\Johannes Schwaiger\Desktop\AdwCleaner_1.606_En.exe
[2013.11.05 17:16:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.05 17:03:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.03 16:59:05 | 000,000,173 | ---- | M] () -- C:\Users\Johannes Schwaiger\AppData\Local\msmathematics.qat.Johannes Schwaiger
[2013.11.03 16:56:09 | 000,001,187 | ---- | M] () -- C:\Users\Johannes Schwaiger\Desktop\MathApp - Verknüpfung.lnk
[2013.11.01 21:06:14 | 000,001,614 | ---- | M] () -- C:\Users\Public\Desktop\GeoGebra.lnk
[2013.11.01 13:43:10 | 000,001,122 | ---- | M] () -- C:\Users\Johannes Schwaiger\Desktop\Skype - Verknüpfung.lnk
[2013.10.31 20:39:14 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.10.31 20:39:14 | 000,751,892 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.10.31 20:39:14 | 000,710,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.10.31 20:39:14 | 000,155,620 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.10.31 20:39:14 | 000,132,416 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.10.30 16:11:47 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.10.30 16:11:01 | 2520,600,575 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.29 22:58:59 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.10.25 16:35:45 | 000,004,608 | ---- | M] () -- C:\Users\Johannes Schwaiger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.25 16:35:04 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\measure Dynamics.lnk
[2013.10.20 20:07:33 | 789,866,526 | ---- | M] () -- C:\Windows\MEMORY.DMP
[8 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.11.05 17:33:25 | 000,581,957 | ---- | C] () -- C:\Users\Johannes Schwaiger\Desktop\AdwCleaner_1.606_En.exe
[2013.11.03 16:59:05 | 000,000,173 | ---- | C] () -- C:\Users\Johannes Schwaiger\AppData\Local\msmathematics.qat.Johannes Schwaiger
[2013.11.03 16:56:09 | 000,001,187 | ---- | C] () -- C:\Users\Johannes Schwaiger\Desktop\MathApp - Verknüpfung.lnk
[2013.11.01 21:06:14 | 000,001,614 | ---- | C] () -- C:\Users\Public\Desktop\GeoGebra.lnk
[2013.11.01 13:43:10 | 000,001,122 | ---- | C] () -- C:\Users\Johannes Schwaiger\Desktop\Skype - Verknüpfung.lnk
[2013.10.29 17:47:46 | 000,386,923 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.10.25 16:35:39 | 000,004,608 | ---- | C] () -- C:\Users\Johannes Schwaiger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.25 16:35:04 | 000,001,853 | ---- | C] () -- C:\Users\Public\Desktop\measure Dynamics.lnk
[2013.09.23 14:26:12 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.06.16 02:32:56 | 000,005,632 | ---- | C] () -- C:\Users\Johannes Schwaiger\AppData\Roaming\Pokémon3D - Aktualisierung.exe
[2013.06.16 02:32:56 | 000,000,111 | ---- | C] () -- C:\Users\Johannes Schwaiger\AppData\Roaming\info.update
[2013.05.20 19:31:18 | 000,000,256 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013.04.04 01:10:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013.02.03 14:36:15 | 000,007,605 | ---- | C] () -- C:\Users\Johannes Schwaiger\AppData\Local\Resmon.ResmonCfg
[2013.01.30 14:15:00 | 000,281,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.30 14:14:59 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.01.30 14:14:58 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.29 03:52:18 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.01.29 03:52:18 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.01.29 03:52:18 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.01.29 03:29:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
========== ZeroAccess Check ==========
[2013.01.29 05:47:47 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.08.02 07:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.08.02 06:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.10.20 15:14:39 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\.minecraft
[2013.07.27 12:24:23 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\de.devolo.dLAN.Cockpit
[2013.04.01 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\Dropbox
[2013.11.01 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\GeoGebra 4.4
[2013.01.30 13:46:24 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\LolClient
[2013.07.15 00:01:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\Mumble
[2013.05.22 14:30:56 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\OBS
[2013.03.06 14:15:32 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\raidcall
[2013.07.15 00:01:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\SplitMediaLabs
[2013.11.03 04:21:44 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify
[2013.02.14 04:37:53 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\The Creative Assembly
[2013.01.29 23:15:25 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\Thunderbird
[2013.11.05 17:10:14 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\TS3Client
[2013.05.01 13:19:33 | 000,000,000 | ---D | M] -- C:\Users\Johannes Schwaiger\AppData\Roaming\tulip
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013.11.05 17:20:40 | 105,048,247 | ---- | M] ()(C:\Windows\SysWow64\??L?) -- C:\Windows\SysWow64\吋睌L˜
[2013.10.30 16:13:04 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\??L?) -- C:\Windows\SysWow64\吋睌L˜
[2013.09.28 00:52:23 | 098,372,650 | ---- | M] ()(C:\Windows\SysWow64\??LÏ) -- C:\Windows\SysWow64\㯉⧋LÏ
[2013.09.25 18:19:33 | 098,372,650 | ---- | C] ()(C:\Windows\SysWow64\??LÏ) -- C:\Windows\SysWow64\㯉⧋LÏ
< End of report >
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Johannes Schwaiger at 2013-11-05 18:08:08
Running from C:\Users\Johannes Schwaiger\Downloads\Programme Save
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
Assassin's Creed ® III (x32 Version: 1.00)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
devolo dLAN Cockpit (x32 Version: 3.2.0.0)
dLAN Cockpit (x32 Version: 3.2.28)
Dota 2 (x32)
Dropbox (HKCU Version: 1.6.18)
Façade (x32 Version: 1.0.3)
Freemake Video Converter Version 4.0.1 (x32 Version: 4.0.1)
GeoGebra 4.4 (x32 Version: 4.3.31.0)
glindorus 1.0.0 (Version: 1.0.0)
Google Chrome (x32 Version: 30.0.1599.101)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
League of Legends (x32 Version: 1.3)
Left 4 Dead 2 (x32)
LOLReplay (x32 Version: 0.8.2.1)
ManiaPlanet (x32)
measure Dynamics (x32 Version: 1.4.0405)
Microsoft Age of Empires Gold (x32)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Mathematics (64-bit) (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mozilla Firefox 23.0 (x86 de) (x32 Version: 23.0)
Mozilla Maintenance Service (x32 Version: 23.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
Mumble 1.2.3 (x32 Version: 1.2.3)
MyFreeCodec (HKCU)
Netzmanager (Version: 1.071)
Netzmanager (x32 Version: 1.071)
Neverwinter (x32)
NVIDIA PhysX (x32 Version: 9.09.1112)
Open Broadcaster Software (x32)
Path of Exile (x32 Version: 0.10.1.23266)
PlanetSide 2 (x32)
PunkBuster Services (x32 Version: 0.991)
RaidCall (x32 Version: 7.1.6-1.0.4843.7)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Samsung Kies (x32 Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Skype™ 6.1 (x32 Version: 6.1.129)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
StarCraft II (x32)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (x32 Version: 3.0.6)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Uplay (x32 Version: 2.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VirtualCloneDrive (x32)
VLC media player 2.0.7 (Version: 2.0.7)
XSplit (x32 Version: 1.2.1303.0101)
==================== Restore Points =========================
29-10-2013 17:04:17 Windows Update
31-10-2013 15:00:48 Removed Kabel Deutschland Launchpad
03-11-2013 14:01:09 Installed Microsoft Mathematics (64-bit)
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {2A2FE4DA-FAD8-4D22-9C66-0CF37AD0731F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-29] (Google Inc.)
Task: {5516E1B9-BA9F-4683-8BA3-38FB292AA75E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5A49BEC2-6B1B-4C78-926B-B650368D9815} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-29] (Adobe Systems Incorporated)
Task: {C44BF771-C635-4AD4-87AA-E80F92824043} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-29] (Google Inc.)
Task: {DD3C79C5-4A1E-4755-9514-3DACE882EE63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-01-30 00:00 - 2013-01-30 00:01 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-08-30 23:11 - 2013-08-30 23:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-04-16 13:15 - 2013-01-25 08:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-10-29 11:08 - 2012-10-29 11:08 - 00025600 _____ () C:\Spiele\TS 3\imageformats\_old_qgif4.dll
2012-10-29 11:08 - 2012-10-29 11:08 - 00195584 _____ () C:\Spiele\TS 3\imageformats\_old_qjpeg4.dll
2012-10-29 11:08 - 2013-10-29 18:14 - 00230376 _____ () C:\Spiele\TS 3\soundbackends\directsound_win32.dll
2012-10-29 11:08 - 2013-10-29 18:14 - 00237032 _____ () C:\Spiele\TS 3\soundbackends\windowsaudiosession_win32.dll
2012-10-29 11:08 - 2013-10-29 18:14 - 00431080 _____ () C:\Spiele\TS 3\plugins\clientquery_plugin.dll
2013-09-23 09:21 - 2013-10-29 18:14 - 00555496 _____ () C:\Spiele\TS 3\plugins\teamspeak_control_plugin.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-10-29 22:58 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-29 22:58 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-29 22:58 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-29 22:58 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-29 22:58 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-29 22:58 - 2013-10-09 01:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
2013-09-23 09:19 - 2013-10-29 17:48 - 00124928 _____ () C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\RiotLauncher.dll
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/05/2013 05:58:05 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c4c
Startzeit: 01ceda48158a3b84
Endzeit: 4294967295
Anwendungspfad: C:\Users\Johannes Schwaiger\Downloads\Programme Save\OTL.exe
Berichts-ID: 6fd4506e-463b-11e3-be91-d43d7e37f014
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kickass)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kickass)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kickass)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kickass)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/01/2013 01:39:55 PM) (Source: MsiInstaller) (User: Kickass)
Description: Product: Skype™ 6.1 -- Error 1706. An installation package for the product Skype™ 6.1 cannot be found. Try the installation again using a valid copy of the installation package 'SkypeSetup_6.1.32.129.msi'.
Error: (10/24/2013 08:54:35 PM) (Source: RasClient) (User: )
Description: CoID={1BA88BD4-FE11-445C-9E21-6CE5D71A8982}: Der Benutzer "Kickass\Johannes Schwaiger" hat eine Verbindung mit dem Namen "Deutsche Telekom DSL" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (10/20/2013 07:52:51 PM) (Source: Application Hang) (User: )
Description: Programm SC2.exe, Version 2.0.11.26825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a78
Startzeit: 01cecdc4c528019b
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exe
Berichts-ID: d028d9f2-39b8-11e3-be8f-d43d7e37f014
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/28/2013 00:58:23 PM) (Source: RasClient) (User: )
Description: CoID={58FC5688-B86B-49B7-A29C-13B710692903}: Der Benutzer "Kickass\Johannes Schwaiger" hat eine Verbindung mit dem Namen "Deutsche Telekom DSL" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (09/28/2013 00:55:46 PM) (Source: RasClient) (User: )
Description: CoID={45093761-EE13-4992-9A41-5B8F5FD7ABEB}: Der Benutzer "Kickass\Johannes Schwaiger" hat eine Verbindung mit dem Namen "Deutsche Telekom DSL" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
System errors:
=============
Error: (11/02/2013 07:04:42 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4
Error: (11/02/2013 05:09:38 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4
Error: (11/01/2013 02:15:55 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4
Error: (10/30/2013 06:13:04 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Error: (10/30/2013 04:04:56 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.
Microsoft Office Sessions:
=========================
Error: (11/05/2013 05:58:05 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0c4c01ceda48158a3b844294967295C:\Users\Johannes Schwaiger\Downloads\Programme Save\OTL.exe6fd4506e-463b-11e3-be91-d43d7e37f014
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kickass)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kickass)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kickass)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263
Error: (11/03/2013 02:38:45 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kickass)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263
Error: (11/01/2013 01:39:55 PM) (Source: MsiInstaller)(User: Kickass)
Description: Product: Skype™ 6.1 -- Error 1706. An installation package for the product Skype™ 6.1 cannot be found. Try the installation again using a valid copy of the installation package 'SkypeSetup_6.1.32.129.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/24/2013 08:54:35 PM) (Source: RasClient)(User: )
Description: {1BA88BD4-FE11-445C-9E21-6CE5D71A8982}Kickass\Johannes SchwaigerDeutsche Telekom DSL0
Error: (10/20/2013 07:52:51 PM) (Source: Application Hang)(User: )
Description: SC2.exe2.0.11.268251a7801cecdc4c528019b4294967295C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exed028d9f2-39b8-11e3-be8f-d43d7e37f014
Error: (09/28/2013 00:58:23 PM) (Source: RasClient)(User: )
Description: {58FC5688-B86B-49B7-A29C-13B710692903}Kickass\Johannes SchwaigerDeutsche Telekom DSL651
Error: (09/28/2013 00:55:46 PM) (Source: RasClient)(User: )
Description: {45093761-EE13-4992-9A41-5B8F5FD7ABEB}Kickass\Johannes SchwaigerDeutsche Telekom DSL651
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 8124.79 MB
Available physical RAM: 4937.93 MB
Total Pagefile: 31676.79 MB
Available Pagefile: 27508.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.42 GB) (Free:298.4 GB) NTFS
Drive h: (SC2-L100-D1) (CDROM) (Total:7.05 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D9A4DFFB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Johannes Schwaiger (administrator) on KICKASS on 05-11-2013 18:07:01
Running from C:\Users\Johannes Schwaiger\Downloads\Programme Save
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamSpeak Systems GmbH) C:\Spiele\TS 3\ts3client_win32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(glindorus) C:\Program Files (x86)\glindorus\updateglindorus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Spiele\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\LoLLauncher.exe
() C:\Spiele\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.55\deploy\LolClient.exe
(OldTimer Tools) C:\Users\Johannes Schwaiger\Downloads\Programme Save\OTL.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1672616 2013-07-10] (Valve Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-01] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify\spotify.exe [4640768 2013-08-01] (Spotify Ltd)
MountPoints2: {a94fd9d3-69bb-11e2-be65-806e6f6e6963} - "H:\Installer.exe"
MountPoints2: {c4ca6d89-6ba4-11e2-be69-d43d7e37f014} - "F:\Setup.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-30] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Johannes Schwaiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Johannes Schwaiger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5E03AA49DCFDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {F26CF4E4-F320-4887-81FF-BC551EF3AE3E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=15f1751a-7637-48e1-8353-4f819e5dfef7&apn_sauid=5B178328-334B-4E30-8227-DCBDC3C3ECCA
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: glindorus - {9598e82a-7e09-4438-b425-b9e9718c3c73} - C:\Program Files (x86)\glindorus\glindorusBHO.dll (glindorus)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Johannes Schwaiger\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GFACE Experience Plugin - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\ich@maltegoetz.de
FF Extension: DownloadHelper - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: firefox - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\firefox@glindorus.net.xpi
FF Extension: Adblock Plus - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: downbarconfig - C:\Users\Johannes Schwaiger\AppData\Roaming\Mozilla\Firefox\Profiles\gxpn4ipj.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://search.b1.org/?bsrc=hmcor&chid=c167991"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Raidcall plugin) - C:\Users\Johannes Schwaiger\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (glindorus) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe\1.0.0_0
CHR Extension: (Google Docs) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (James White) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0
CHR Extension: (YouTube) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0
CHR Extension: (Google Wallet) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\JOHANN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ammjbfijeglcdlnlnhlkdhgjnlgmpehe] - C:\Program Files (x86)\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-23] (Avira Operations GmbH & Co. KG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-19] ()
R2 Update glindorus; C:\Program Files (x86)\glindorus\updateglindorus.exe [65312 2013-10-05] (glindorus)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [104184 2012-12-21] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2012-01-31] (CACE Technologies)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
S3 MSICDSetup; \??\D:\CDriver64.sys [x]
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-05 18:06 - 2013-11-05 18:06 - 00000000 ____D C:\FRST
2013-11-05 18:05 - 2013-11-05 18:05 - 00114556 _____ C:\Users\Johannes Schwaiger\Desktop\OTL.Txt
2013-11-05 17:33 - 2013-11-05 17:33 - 00581957 _____ C:\Users\Johannes Schwaiger\Desktop\AdwCleaner_1.606_En.exe
2013-11-05 17:33 - 2013-11-05 17:33 - 00000000 ____D C:\Program Files (x86)\glindorus
2013-11-04 01:31 - 2013-11-04 01:31 - 00000000 ____D C:\Users\Johannes Schwaiger\Downloads\stuff
2013-11-03 16:59 - 2013-11-03 16:59 - 00000173 _____ C:\Users\Johannes Schwaiger\AppData\Local\msmathematics.qat.Johannes Schwaiger
2013-11-03 16:56 - 2013-11-03 16:56 - 00001187 _____ C:\Users\Johannes Schwaiger\Desktop\MathApp - Verknüpfung.lnk
2013-11-01 21:06 - 2013-11-01 21:06 - 00001614 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-01 21:06 - 2013-11-01 21:06 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\GeoGebra 4.4
2013-11-01 13:43 - 2013-11-01 13:43 - 00001122 _____ C:\Users\Johannes Schwaiger\Desktop\Skype - Verknüpfung.lnk
2013-10-31 20:37 - 2013-10-31 20:38 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\pic
2013-10-30 22:46 - 2013-11-05 17:52 - 00000199 _____ C:\Users\Johannes Schwaiger\Desktop\Neues Textdokument (3).txt
2013-10-30 22:37 - 2013-10-31 16:01 - 00000000 ____D C:\ProgramData\F-Secure
2013-10-30 16:28 - 2013-10-30 16:28 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-30 16:13 - 2013-11-05 17:20 - 105048247 _____ C:\Windows\SysWOW64\吋睌L˜
2013-10-29 17:48 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-29 17:48 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-29 17:47 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-29 17:47 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-29 17:47 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-29 17:47 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-29 17:47 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-29 17:47 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-29 17:47 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-29 17:47 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-29 17:47 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-29 17:47 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-29 17:47 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-29 17:47 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-29 17:47 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-29 17:47 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-29 17:47 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-29 17:47 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-29 17:47 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-29 17:47 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-29 17:47 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-29 17:47 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-29 17:47 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-29 17:47 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-29 17:47 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-29 17:47 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-29 17:47 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-29 17:47 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-29 17:47 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-29 17:47 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-29 17:47 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-29 17:47 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-29 17:47 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-29 17:47 - 2013-07-31 00:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-29 17:47 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-29 17:47 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-29 17:47 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-29 17:47 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-29 17:47 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-29 17:47 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-29 17:47 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-29 17:47 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-29 17:47 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-29 17:47 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-29 17:47 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-29 17:47 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-29 17:47 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-29 17:47 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-29 17:47 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-29 17:47 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-29 17:47 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-29 17:47 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-29 17:47 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-29 17:47 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-29 17:47 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-29 17:47 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-29 17:47 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-29 17:47 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-29 17:47 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-29 17:47 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-29 17:47 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-29 17:47 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-29 17:47 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-29 17:47 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-29 17:47 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-29 17:47 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-29 17:47 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-29 17:47 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-29 17:47 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-29 17:47 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-29 17:47 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-29 17:47 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-29 17:47 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-26 18:04 - 2013-10-26 18:17 - 00029696 _____ C:\Users\Johannes Schwaiger\Desktop\Haushalt.xls
2013-10-26 10:55 - 2013-11-01 22:08 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\Uni
2013-10-25 16:59 - 2013-10-25 16:59 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\pdf müll
2013-10-25 16:35 - 2013-11-03 15:01 - 00000000 ____D C:\Uni Programme
2013-10-25 16:35 - 2013-10-25 16:35 - 00004608 _____ C:\Users\Johannes Schwaiger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-25 16:35 - 2013-10-25 16:35 - 00001853 _____ C:\Users\Public\Desktop\measure Dynamics.lnk
==================== One Month Modified Files and Folders =======
2013-11-05 18:06 - 2013-11-05 18:06 - 00000000 ____D C:\FRST
2013-11-05 18:06 - 2013-07-15 15:15 - 00000000 ____D C:\Users\Johannes Schwaiger\Downloads\Programme Save
2013-11-05 18:05 - 2013-11-05 18:05 - 00114556 _____ C:\Users\Johannes Schwaiger\Desktop\OTL.Txt
2013-11-05 18:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-05 17:58 - 2013-01-29 05:52 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-05 17:58 - 2013-01-29 05:52 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-05 17:52 - 2013-10-30 22:46 - 00000199 _____ C:\Users\Johannes Schwaiger\Desktop\Neues Textdokument (3).txt
2013-11-05 17:50 - 2013-01-29 03:35 - 01278702 _____ C:\Windows\WindowsUpdate.log
2013-11-05 17:33 - 2013-11-05 17:33 - 00581957 _____ C:\Users\Johannes Schwaiger\Desktop\AdwCleaner_1.606_En.exe
2013-11-05 17:33 - 2013-11-05 17:33 - 00000000 ____D C:\Program Files (x86)\glindorus
2013-11-05 17:20 - 2013-10-30 16:13 - 105048247 _____ C:\Windows\SysWOW64\吋睌L˜
2013-11-05 17:16 - 2013-02-19 17:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 17:10 - 2013-01-30 14:41 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\TS3Client
2013-11-05 17:08 - 2013-01-29 03:41 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-641962192-3957690694-3295196625-1001
2013-11-04 23:50 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-04 01:31 - 2013-11-04 01:31 - 00000000 ____D C:\Users\Johannes Schwaiger\Downloads\stuff
2013-11-03 19:21 - 2013-01-30 14:35 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\Skype
2013-11-03 17:55 - 2013-01-30 13:33 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-11-03 16:59 - 2013-11-03 16:59 - 00000173 _____ C:\Users\Johannes Schwaiger\AppData\Local\msmathematics.qat.Johannes Schwaiger
2013-11-03 16:56 - 2013-11-03 16:56 - 00001187 _____ C:\Users\Johannes Schwaiger\Desktop\MathApp - Verknüpfung.lnk
2013-11-03 15:01 - 2013-10-25 16:35 - 00000000 ____D C:\Uni Programme
2013-11-03 04:21 - 2013-03-05 13:54 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\Spotify
2013-11-02 15:15 - 2013-07-30 14:34 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Local\Spotify
2013-11-02 04:17 - 2013-01-31 18:04 - 00000000 ____D C:\Users\Johannes Schwaiger\Downloads\Wallpaper
2013-11-01 22:08 - 2013-10-26 10:55 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\Uni
2013-11-01 21:06 - 2013-11-01 21:06 - 00001614 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-01 21:06 - 2013-11-01 21:06 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\GeoGebra 4.4
2013-11-01 13:43 - 2013-11-01 13:43 - 00001122 _____ C:\Users\Johannes Schwaiger\Desktop\Skype - Verknüpfung.lnk
2013-11-01 13:39 - 2013-01-30 14:35 - 00000000 ____D C:\ProgramData\Skype
2013-10-31 20:39 - 2012-07-26 11:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2013-10-31 20:39 - 2012-07-26 11:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2013-10-31 20:39 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 20:38 - 2013-10-31 20:37 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\pic
2013-10-31 20:36 - 2012-07-26 08:21 - 00001867 _____ C:\Windows\setupact.log
2013-10-31 16:01 - 2013-10-30 22:37 - 00000000 ____D C:\ProgramData\F-Secure
2013-10-30 23:02 - 2013-01-31 14:07 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\vlc
2013-10-30 17:57 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-30 16:28 - 2013-10-30 16:28 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-30 16:28 - 2013-09-25 12:23 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 16:28 - 2013-03-20 20:01 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-30 16:21 - 2013-01-29 03:36 - 00000000 ___RD C:\Users\Johannes Schwaiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-30 16:21 - 2013-01-29 03:36 - 00000000 ___RD C:\Users\Johannes Schwaiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-30 16:11 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-30 16:10 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-30 16:09 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-29 22:58 - 2013-01-29 05:52 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-29 18:22 - 2013-02-28 19:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-29 18:19 - 2013-07-13 21:48 - 00000000 ____D C:\Windows\system32\MRT
2013-10-29 18:17 - 2013-01-30 13:16 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-29 18:16 - 2013-02-19 17:00 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-29 17:53 - 2013-01-29 05:52 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-29 17:53 - 2013-01-29 05:52 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-26 18:17 - 2013-10-26 18:04 - 00029696 _____ C:\Users\Johannes Schwaiger\Desktop\Haushalt.xls
2013-10-25 16:59 - 2013-10-25 16:59 - 00000000 ____D C:\Users\Johannes Schwaiger\Desktop\pdf müll
2013-10-25 16:35 - 2013-10-25 16:35 - 00004608 _____ C:\Users\Johannes Schwaiger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-25 16:35 - 2013-10-25 16:35 - 00001853 _____ C:\Users\Public\Desktop\measure Dynamics.lnk
2013-10-23 19:14 - 2013-01-29 06:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-21 20:46 - 2013-06-19 16:10 - 00000000 ____D C:\Users\Johannes Schwaiger\Documents\ManiaPlanet
2013-10-21 20:42 - 2013-06-19 16:09 - 00000000 ____D C:\ProgramData\ManiaPlanet
2013-10-20 20:07 - 2013-04-14 15:25 - 789866526 _____ C:\Windows\MEMORY.DMP
2013-10-20 20:07 - 2013-04-14 15:25 - 00000000 ____D C:\Windows\Minidump
2013-10-20 20:07 - 2013-01-29 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-20 15:14 - 2013-02-13 02:46 - 00000000 ____D C:\Users\Johannes Schwaiger\AppData\Roaming\.minecraft
2013-10-08 07:50 - 2013-09-25 12:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-09-25 12:23 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-09-25 12:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-09-25 12:23 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
Some content of TEMP:
====================
C:\Users\Johannes Schwaiger\AppData\Local\Temp\AskSLib.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\devcon64.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.5.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.2.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\i4jdel0.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\i4jdel1.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\ose00000.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfamcc00004.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfareca00001.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\sfextra.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Johannes Schwaiger\AppData\Local\Temp\tmp9CBA.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\tmpEC3E.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\ubi81E3.tmp.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\vlc-2.0.6-win64.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\_isCFE5.exe
C:\Users\Johannes Schwaiger\AppData\Local\Temp\_isD22B.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-29 16:50
==================== End Of Log ============================