Vielen Dank für deine schnelle Antwort,
hier meine logfiles von malware und nachdem ich Dateien bereinigt habe:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.03.31.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Jule :: JUL3 [Administrator]
07.04.2014 09:26:09
mbam-log-2014-04-07 (09-26-09).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 531602
Laufzeit: 1 Stunde(n), 43 Minute(n), 32 Sekunde(n)
Infizierte Speicherprozesse: 1
C:\ProgramData\GreenApp\SW_Booster\SW_Booster.exe (PUP.Optional.MultiPlug.A) -> 4440 -> Löschen bei Neustart.
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-1278479691 (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A93B9987-99E5-EED1-BB6C-9CFE90A79687} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A93B9987-99E5-EED1-BB6C-9CFE90A79687} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A93B9987-99E5-EED1-BB6C-9CFE90A79687} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E0338C06-5319-1CFE-9D6F-B0C3736918A2} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0338C06-5319-1CFE-9D6F-B0C3736918A2} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E0338C06-5319-1CFE-9D6F-B0C3736918A2} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{497C131E-2032-051B-B32A-C69A960FBB13} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (Trojan.SProtector) -> Bösartig: (c:\progra~2\sw_boo~1\assist~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 2
C:\Program Files (x86)\YoutubeAdblocker (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\YoutubeAdblocker (PUP.Optional.YoutubeAdblocker.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 15
C:\Program Files (x86)\SW_Booster\Assistant.dll (Trojan.SProtector) -> Löschen bei Neustart.
C:\Program Files (x86)\SW_Booster\AssistantSvc.dll (Trojan.SProtector) -> Löschen bei Neustart.
C:\ProgramData\GreenApp\SW_Booster\SW_Booster.exe (PUP.Optional.MultiPlug.A) -> Löschen bei Neustart.
C:\Program Files (x86)\YoutubeAdblocker\jb2srENOY.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\safeweb\B8D.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\safeweb\B8D.x64.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\YoutubeAdblocker\jb2srENOY.x64.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\safeweb\5h23.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\YoutubeAdblocker\Y1q9g_xKF0.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7003BR1O\agup[1].exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9BZ4QNH\tpq[1].exe (Trojan.SProtector) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Downloads\Philipp Poisel - Wer braucht schon Worte.exe (PUP.Optional.Installrex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\YoutubeAdblocker\jb2srENOY.dat (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\YoutubeAdblocker\jb2srENOY.tlb (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\YoutubeAdblocker\Y1q9g_xKF0.dat (PUP.Optional.YoutubeAdblocker.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
zweite:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.04.07.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Jule :: JUL3 [Administrator]
07.04.2014 20:42:11
mbam-log-2014-04-07 (20-42-11).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 534631
Laufzeit: 1 Stunde(n), 41 Minute(n), 23 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 4
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FCM5V417\Cv[1].exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2JFGIOI\iI_[1].exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9BZ4QNH\c8E38U[1].exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9BZ4QNH\O4rm2unsw[1].exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
dritte:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.04.07.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16659
Jule :: JUL3 [Administrator]
10.04.2014 15:58:39
mbam-log-2014-04-10 (15-58-39).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 539602
Laufzeit: 1 Stunde(n), 41 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
D:\Downloads\Media_Player_Setup.exe (PUP.Optional.OptimumInstaller.A) -> Keine Aktion durchgeführt.
(Ende)
und die FRST:
FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by Jule (administrator) on JUL3 on 11-04-2014 17:10:07
Running from D:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Jule\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Jule\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1131008 2012-09-21] (Sphinx Software)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\Run: [Spotify Web Helper] - C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-10] (Spotify Ltd)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\Run: [Spotify] - C:\Users\Jule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-10] (Spotify Ltd)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-321000911-1065542638-454531928-1000\...\MountPoints2: {e2630e6e-51d3-11e2-bd13-b870f47dc69d} - F:\SETUP.EXE
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~2\SW_BOO~1\ASSIST~2.DLL => C:\Program Files (x86)\SW_Booster\Assistant_x64.dll [4210176 2014-04-06] ()
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jule\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: YoutubeAdblocker - {A93B9987-99E5-EED1-BB6C-9CFE90A79687} - C:\Program Files (x86)\YoutubeAdblocker\jb2srENOY.x64.dll No File
BHO: safeweb - {E0338C06-5319-1CFE-9D6F-B0C3736918A2} - C:\Program Files (x86)\safeweb\B8D.x64.dll No File
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default
FF user.js: detected! => C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: safewEB - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\Extensions\byaaa4.rs@yqnzldeeh.co.uk [2014-04-06]
FF Extension: YoutubeAdblocker - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\Extensions\pvafsltl@t-lit.co.uk [2014-04-06]
FF Extension: Flashblock - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-04-11]
FF Extension: WEB.DE MailCheck - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\Extensions\toolbar@web.de.xpi [2014-04-10]
FF Extension: Adblock Plus - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\zzbh50bk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
CHR Extension: (Google Drive) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
CHR Extension: (YouTube) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Google-Suche) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (Freemake Video Converter) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-04-07]
CHR Extension: (Google Wallet) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Google Mail) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [764416 2012-09-21] (Sphinx Software)
S2 3e9deaca; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw_boo~1\AssistantSvc.dll",service
==================== Drivers (Whitelisted) ====================
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-12-29] ()
U3 auziu46x; C:\Windows\System32\Drivers\auziu46x.sys [0 ] (Microsoft Corporation)
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-11 17:09 - 2014-04-11 17:10 - 00000000 ____D () C:\FRST
2014-04-10 00:01 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 00:01 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 00:00 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 00:00 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 23:58 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 23:58 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 23:58 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 23:58 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 23:58 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 23:58 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 23:58 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 23:58 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 23:58 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 23:58 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 23:58 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 23:58 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 23:58 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 23:58 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 23:58 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 23:58 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 23:57 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 13:22 - 2014-04-11 14:04 - 00000000 ___RD () C:\Users\Jule\Google Drive
2014-04-07 21:14 - 2014-04-11 16:19 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 21:14 - 2014-04-11 14:03 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 21:14 - 2014-04-07 21:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-07 21:14 - 2014-04-07 21:14 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-07 21:14 - 2014-04-07 21:14 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-06 23:56 - 2014-04-11 14:03 - 00000442 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-06 23:56 - 2014-04-07 13:41 - 00000000 ____D () C:\Program Files (x86)\SW_Booster
2014-04-06 23:56 - 2014-04-06 23:56 - 00002688 _____ () C:\Windows\System32\Tasks\SW_Booster-S-1278479691
2014-04-06 23:56 - 2014-04-06 23:56 - 00000000 ____D () C:\ProgramData\GreenApp
2014-04-06 23:55 - 2014-04-07 21:15 - 00000000 ____D () C:\Users\Jule\AppData\Local\Google
2014-04-06 23:55 - 2014-04-07 13:40 - 00000000 ____D () C:\ProgramData\safeweb
2014-04-06 23:55 - 2014-04-07 13:40 - 00000000 ____D () C:\Program Files (x86)\safeweb
2014-04-06 23:55 - 2014-04-06 23:56 - 00000000 ____D () C:\ProgramData\d719c8dd0670dc8d
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Packages
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator
2014-04-06 23:54 - 2014-04-06 23:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-13 21:10 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 21:10 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 21:10 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 21:10 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 21:09 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 21:09 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 21:09 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 21:09 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 21:09 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 21:09 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 21:09 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 21:09 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 21:09 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 21:09 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 21:09 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 21:09 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 21:09 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 21:09 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 21:09 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 21:09 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 21:09 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 21:09 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 21:09 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 21:09 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 21:09 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 21:09 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 21:09 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 21:09 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 21:09 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 21:09 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 21:09 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 21:09 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 21:09 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 21:09 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 21:09 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 21:09 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 21:09 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 21:09 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 21:09 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 21:09 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 21:08 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 21:08 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 21:08 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 21:08 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
==================== One Month Modified Files and Folders =======
2014-04-11 17:10 - 2014-04-11 17:09 - 00000000 ____D () C:\FRST
2014-04-11 16:29 - 2013-01-03 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 16:19 - 2014-04-07 21:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 16:03 - 2012-12-29 15:53 - 01174404 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 15:59 - 2013-04-06 11:10 - 00000000 ____D () C:\Users\Jule\AppData\Roaming\Spotify
2014-04-11 14:11 - 2009-07-14 06:45 - 00013248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 14:11 - 2009-07-14 06:45 - 00013248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 14:05 - 2013-06-28 15:09 - 00000000 ___RD () C:\Users\Jule\Dropbox
2014-04-11 14:05 - 2013-06-28 15:05 - 00000000 ____D () C:\Users\Jule\AppData\Roaming\Dropbox
2014-04-11 14:04 - 2014-04-08 13:22 - 00000000 ___RD () C:\Users\Jule\Google Drive
2014-04-11 14:03 - 2014-04-07 21:14 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 14:03 - 2014-04-06 23:56 - 00000442 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-11 14:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 14:03 - 2009-07-14 06:51 - 00093268 _____ () C:\Windows\setupact.log
2014-04-10 19:32 - 2013-04-06 11:11 - 00000000 ____D () C:\Users\Jule\AppData\Local\Spotify
2014-04-10 18:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 15:25 - 2012-12-29 18:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 15:24 - 2013-09-01 10:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 15:22 - 2012-12-29 19:50 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 18:39 - 2013-01-16 23:29 - 00000000 ____D () C:\Users\Jule\AppData\Roaming\Skype
2014-04-08 13:22 - 2012-12-29 15:59 - 00000000 ____D () C:\Users\Jule
2014-04-08 08:51 - 2012-12-29 18:54 - 00168718 _____ () C:\Windows\PFRO.log
2014-04-07 21:19 - 2014-04-07 21:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-07 21:15 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Google
2014-04-07 21:14 - 2014-04-07 21:14 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-07 21:14 - 2014-04-07 21:14 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-07 14:44 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-04-07 14:44 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-04-07 14:44 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 13:41 - 2014-04-06 23:56 - 00000000 ____D () C:\Program Files (x86)\SW_Booster
2014-04-07 13:40 - 2014-04-06 23:55 - 00000000 ____D () C:\ProgramData\safeweb
2014-04-07 13:40 - 2014-04-06 23:55 - 00000000 ____D () C:\Program Files (x86)\safeweb
2014-04-07 10:02 - 2013-03-06 19:54 - 00000000 ____D () C:\Users\Jule\AppData\Local\CrashDumps
2014-04-06 23:56 - 2014-04-06 23:56 - 00002688 _____ () C:\Windows\System32\Tasks\SW_Booster-S-1278479691
2014-04-06 23:56 - 2014-04-06 23:56 - 00000000 ____D () C:\ProgramData\GreenApp
2014-04-06 23:56 - 2014-04-06 23:55 - 00000000 ____D () C:\ProgramData\d719c8dd0670dc8d
2014-04-06 23:56 - 2014-04-06 23:54 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Packages
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Jule\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Gast
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-06 23:55 - 2014-04-06 23:55 - 00000000 ____D () C:\Users\Administrator
2014-04-03 13:42 - 2011-10-12 17:43 - 00000000 ____D () C:\Users\Jule\Studium
2014-04-03 13:20 - 2013-01-03 11:51 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-03 12:05 - 2012-12-29 17:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 12:05 - 2012-12-29 17:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-03 12:05 - 2012-12-29 17:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-31 03:16 - 2014-04-10 00:01 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 00:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 00:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 00:01 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-24 14:38 - 2013-04-03 12:49 - 00000000 ____D () C:\Users\Jule\AppData\Local\Windows Live
2014-03-21 16:52 - 2013-01-12 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-21 14:25 - 2014-02-17 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:47 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-14 21:52 - 2009-07-14 06:45 - 00348496 _____ () C:\Windows\system32\FNTCACHE.DAT
Some content of TEMP:
====================
C:\Users\Jule\AppData\Local\Temp\AskSLib.dll
C:\Users\Jule\AppData\Local\Temp\install_flashplayer11x32_mssa_aih.exe
C:\Users\Jule\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jule\AppData\Local\Temp\ose00000.exe
C:\Users\Jule\AppData\Local\Temp\ose00002.exe
C:\Users\Jule\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Jule\AppData\Local\Temp\Uni000.exe
C:\Users\Jule\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Jule\AppData\Local\Temp\WZCPlugin_VISTA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 00:34
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
Addition:FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Jule at 2014-04-11 17:11:02
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.2.0.0 - Swiss Academic Software)
Combined Community Codec Pack 2013-05-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.05.30.0 - CCCP Project)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EXMARaLDA 1.8 (HKLM-x32\...\EXMARaLDA_is1) (Version: - Thomas Schmidt, Kai Woerner, Timm Lehmberg, Hanna Hedeland)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.2.430 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.2.430 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.70.1104.04 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nero 8 (HKLM-x32\...\{5FCCD531-1B38-4A94-924C-127F722F1031}) (Version: 8.2.87 - Nero AG)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PSTViewer Pro (HKLM\...\{A2F394E3-759C-42C7-84E3-6AA0E0B92A53}) (Version: 5.0.1.2798 - Encryptomatic, LLC)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
SW_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{3e9deaca}) (Version: - Certified Publisher)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows7FirewallControl (x64) 5.1.7.69 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.1.7.69 - Sphinx Software)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {09B94437-931F-4F2C-947C-1410E533BCA9} - System32\Tasks\{0AEE5C01-4932-41DA-B6D4-DE3EBD7CA3CD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.1.0.129.272&LastError=12029
Task: {10DA6DC9-0C54-480F-8516-00A7DD337766} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
Task: {F2A13FB1-7A7B-4DBF-BA87-F156467C92F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
Task: {F397DAC6-D853-4E22-8A93-2385C69B3694} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {F96281C1-4073-452C-BC1F-F5A6651EE8FB} - System32\Tasks\SW_Booster-S-1278479691 => c:\programdata\greenapp\sw_booster\SW_Booster.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW_Booster-S-1278479691.job => c:\programdata\greenapp\sw_booster\SW_Booster.exe
==================== Loaded Modules (whitelisted) =============
2012-12-29 16:55 - 2012-10-02 21:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-29 21:06 - 2011-10-26 18:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-01-03 11:51 - 2009-02-10 17:01 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-09-30 16:44 - 2014-04-10 19:32 - 00602680 _____ () C:\Users\Jule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-04-06 11:11 - 2014-04-10 19:32 - 36966968 _____ () C:\Users\Jule\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Jule\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-11 14:04 - 2014-04-11 14:04 - 00098816 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32api.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00110080 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\pywintypes27.dll
2014-04-11 14:04 - 2014-04-11 14:04 - 00364544 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\pythoncom27.dll
2014-04-11 14:04 - 2014-04-11 14:04 - 00044032 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_socket.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 01157120 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_ssl.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00320512 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32com.shell.shell.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00712192 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_hashlib.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 01175040 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._core_.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00805888 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._gdi_.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00811008 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._windows_.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 01062400 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._controls_.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00735232 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._misc_.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00128512 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_elementtree.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00127488 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\pyexpat.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00557056 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\pysqlite2._sqlite.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00087040 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_ctypes.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00119808 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32file.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00108544 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32security.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00018432 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32event.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00038912 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32inet.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00122368 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._wizard.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00070656 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\wx._html2.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00026624 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\_multiprocessing.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00010240 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\select.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00024064 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32pipe.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00686080 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\unicodedata.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00025600 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32pdh.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00525640 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\windows._lib_cacheinvalidation.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00011264 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32crypt.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00035840 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32process.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00017408 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32profile.pyd
2014-04-11 14:04 - 2014-04-11 14:04 - 00022528 _____ () C:\Users\Jule\AppData\Local\Temp\_MEI26242\win32ts.pyd
2013-09-30 16:44 - 2014-04-10 19:32 - 00886840 _____ () C:\Users\Jule\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-30 16:44 - 2014-04-10 19:32 - 00108600 _____ () C:\Users\Jule\AppData\Roaming\Spotify\Data\libegl.dll
2014-03-11 19:29 - 2014-03-11 19:29 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-02-12 22:15 - 2014-02-12 22:15 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aeb07412ad41bff851002a4cd8ed97d1\IsdiInterop.ni.dll
2012-12-29 16:23 - 2011-02-18 09:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-17 10:47 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-04-07 21:19 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-04-07 21:19 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-04-07 21:19 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-04-07 21:19 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-04-07 21:19 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-04-07 21:19 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2014 09:58:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0xac
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/27/2014 11:07:22 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
Error: (02/12/2014 11:05:49 AM) (Source: SecureW2) (User: )
Description: SW2_EAP_FUNCTION_GetIdentity Failed
Error: (01/29/2014 01:55:43 PM) (Source: SecureW2) (User: )
Description: SW2_EAP_FUNCTION_GetIdentity Failed
Error: (01/19/2014 04:22:16 PM) (Source: Application Hang) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6690.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3bf4
Startzeit: 01cf1521c6b40a35
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Berichts-ID: 14c0c721-8115-11e3-ad0f-b870f47dc69d
Error: (01/19/2014 04:21:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6690.5000, Zeitstempel: 0x52881869
Name des fehlerhaften Moduls: mso.dll, Version: 12.0.6683.5000, Zeitstempel: 0x51e6dff3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00c59c78
ID des fehlerhaften Prozesses: 0x3494
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Error: (01/16/2014 11:18:28 AM) (Source: SecureW2) (User: )
Description: SW2_EAP_FUNCTION_GetIdentity Failed
Error: (01/12/2014 09:45:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FreemakeVC.exe, Version: 4.0.1.6, Zeitstempel: 0x51a70fc9
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.30319.1, Zeitstempel: 0x4ba1dbbe
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008ae6e
ID des fehlerhaften Prozesses: 0x15e4
Startzeit der fehlerhaften Anwendung: 0xFreemakeVC.exe0
Pfad der fehlerhaften Anwendung: FreemakeVC.exe1
Pfad des fehlerhaften Moduls: FreemakeVC.exe2
Berichtskennung: FreemakeVC.exe3
Error: (12/15/2013 03:52:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.1.9.4, Zeitstempel: 0x513f4a8f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1304
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (12/14/2013 09:15:25 PM) (Source: Application Hang) (User: )
Description: Programm spotify.exe, Version 0.9.6.81 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: df4
Startzeit: 01cef90090ce4625
Endzeit: 8
Anwendungspfad: C:\Users\Jule\AppData\Roaming\Spotify\spotify.exe
Berichts-ID: 00668aaa-64f4-11e3-8f0d-b870f47dc69d
System errors:
=============
Error: (04/11/2014 02:04:07 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/10/2014 07:25:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/10/2014 06:28:43 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/10/2014 03:31:23 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/10/2014 03:28:54 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.169.2154.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (04/10/2014 03:16:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/09/2014 11:42:36 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/09/2014 01:31:20 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/08/2014 01:07:13 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Error: (04/08/2014 08:52:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SW_Sustainer erreicht.
Microsoft Office Sessions:
=========================
Error: (07/12/2013 11:54:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3426 seconds with 2640 seconds of active time. This session ended with a crash.
Error: (02/26/2013 03:27:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1780 seconds with 1680 seconds of active time. This session ended with a crash.
Error: (02/26/2013 02:57:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4999 seconds with 960 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 5995.86 MB
Available physical RAM: 2529.46 MB
Total Pagefile: 11989.9 MB
Available Pagefile: 8236.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:70 GB) (Free:4.33 GB) NTFS
Drive d: (Daten) (Fixed) (Total:841.41 GB) (Free:795.34 GB) NTFS
Drive e: (URSULA_KARVEN__YOGA_DEL_MAR) (CDROM) (Total:7.56 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 16A03036)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=841 GB) - (Type=07 NTFS)
==================== End Of Log ============================
--- --- ---
FRST 32-Bit | FRST 64-Bit
Lesestoff: