| ruepel3007 | 07.08.2013 09:54 |
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013
Ran by Toshiba (administrator) on 07-08-2013 10:40:15
Running from C:\Users\Toshiba\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Bake Cake) C:\Users\Toshiba\AppData\Roaming\Web Cake\WebCakeDesktop.exe
() C:\Users\Toshiba\AppData\Roaming\BrowserCompanion\tcbhn.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
() C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Users\Toshiba\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(cake bake) C:\Program Files\WADesktop.Updater.exe
(Apple Inc.) C:\AirPrint\airprint.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [180224 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Toshiba\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2011-08-24] (OCS)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [WebCake Desktop] - C:\Users\Toshiba\AppData\Roaming\Web Cake\WebCakeDesktop.exe [52504 2013-08-02] (Bake Cake)
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-10] (TOSHIBA)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-10] (TOSHIBA)
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\Toshiba\AppData\Roaming\BrowserCompanion\tcbhn.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=121150&tt=gc_&babsrc=HP_ss&mntrId=5C7000166F8BB878
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?affID=121150&tt=gc_&babsrc=HP_ss&mntrId=5C7000166F8BB878
URLSearchHook: (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=121150&tt=gc_&babsrc=SP_ss&mntrId=5C7000166F8BB878
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=121150&tt=gc_&babsrc=SP_ss&mntrId=5C7000166F8BB878
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=hamstersoft&o=10148&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=A2&apn_dtid=YYYYYYYYDE&apn_uid=E59FDCAA-F13E-494E-AD27-5AA19E54E63F&apn_sauid=5BB679FA-0B6D-469C-ADFB-5A9B830B9567
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {66AEDB1A-04CB-4D3A-9C21-7644849490C5} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6F0FDD08-6142-45F9-8892-F8A1E39B041B} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {842E17C7-E75A-4795-9E7D-A093B7BDB278} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://search.chatzum.com/?q={SearchTerms}
SearchScopes: HKCU - {AE9BFECA-5EAD-42D9-83BC-B32F5FF4E5A1} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432323639303530&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&k=0
SearchScopes: HKCU - {B79F93BB-364A-4A40-B1F0-A3C1F471D269} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {CCF7C1B2-8510-4ED8-90C1-0AC37798624F} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=13ce6d88-e0fb-442a-aaa6-9fabcb0c2f1a&pid=freewarede&mode=bounce&k=0
BHO: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU -No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default
FF user.js: detected! => C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\search-safer.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\Toshiba\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Browser Companion Helper - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\Extensions\bbrs_002@blabbers.com
FF Extension: O2CPlayer Plugin - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\Extensions\o2cplayer@eleco.com
FF Extension: Garmin Communicator - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qrxq0tdi.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
========================== Services (Whitelisted) =================
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2847696 2013-07-26] ()
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
R2 SearchAnonymizer; C:\Users\Toshiba\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2011-08-24] ()
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-07-03] ()
R2 WebCake Desktop Updater; C:\Program Files\WADesktop.Updater.exe [51992 2013-08-02] (cake bake)
R2 AirPrint; C:\AirPrint\airprint.exe -R _ipp._tcp,_universal -s [x]
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2593792 2007-02-14] (Intel® Corporation)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-09-28] ()
S3 Afc; system32\drivers\Afc.sys [x]
S1 MpKsl51bde543; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37C2FEC2-FA90-4CF6-8B1E-206C627F9DE7}\MpKsl51bde543.sys [x]
S3 Tosrfcom; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-07 10:39 - 2013-08-07 10:39 - 00000000 ____D C:\FRST
2013-08-07 10:38 - 2013-08-07 10:39 - 01229076 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST.exe
2013-08-06 11:28 - 2013-08-06 11:28 - 00000000 ____D C:\Program Files\Web Cake
2013-08-02 15:29 - 2013-08-07 08:40 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Web Cake
2013-08-02 15:29 - 2013-08-02 15:29 - 00051992 _____ (cake bake) C:\Program Files\WADesktop.Updater.exe
2013-07-18 19:00 - 2013-07-18 19:01 - 00000000 ____D C:\Users\Toshiba\EasternGraphics
2013-07-18 19:00 - 2013-07-18 19:00 - 00000000 ___HD C:\ProgramData\{9559969E-5786-48CA-87AB-B7695EC37420}
2013-07-18 18:57 - 2013-08-02 16:18 - 00000000 ____D C:\Program Files\EasternGraphics
2013-07-18 18:56 - 2013-07-18 18:56 - 00000000 ____D C:\ProgramData\EasternGraphics
2013-07-16 13:54 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-16 13:54 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-16 13:54 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-16 13:54 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-16 13:54 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-16 13:54 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-16 13:16 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-16 13:16 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-16 13:16 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-16 13:16 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 09:01 - 2013-07-10 09:01 - 00000000 ____D C:\ProgramData\McAfee
2013-07-10 08:44 - 2013-07-16 13:34 - 00027648 _____ C:\Users\Toshiba\Desktop\Danksagungen.xls
==================== One Month Modified Files and Folders =======
2013-08-07 10:39 - 2013-08-07 10:39 - 00000000 ____D C:\FRST
2013-08-07 10:39 - 2013-08-07 10:38 - 01229076 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST.exe
2013-08-07 10:35 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-07 10:35 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-07 10:32 - 2013-03-09 09:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-07 09:56 - 2010-02-19 11:24 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 08:45 - 2013-03-27 05:53 - 01548422 ____N C:\Windows\WindowsUpdate.log
2013-08-07 08:41 - 2010-02-19 11:24 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 08:40 - 2013-08-02 15:29 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Web Cake
2013-08-07 08:40 - 2012-04-12 22:34 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\BrowserCompanion
2013-08-07 08:40 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-06 11:28 - 2013-08-06 11:28 - 00000000 ____D C:\Program Files\Web Cake
2013-08-06 10:35 - 2009-10-31 16:08 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-06 07:57 - 2010-02-19 11:23 - 00000000 ____D C:\Program Files\Google
2013-08-06 07:31 - 2013-05-12 14:30 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-08-05 15:59 - 2009-11-05 16:48 - 00000000 ____D C:\Users\Toshiba\Desktop\Sebastian
2013-08-02 16:18 - 2013-07-18 18:57 - 00000000 ____D C:\Program Files\EasternGraphics
2013-08-02 16:01 - 2012-09-17 11:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-08-02 15:29 - 2013-08-02 15:29 - 00051992 _____ (cake bake) C:\Program Files\WADesktop.Updater.exe
2013-08-02 15:24 - 2012-07-29 11:55 - 00000000 ____D C:\Program Files\Web Assistant
2013-07-18 19:01 - 2013-07-18 19:00 - 00000000 ____D C:\Users\Toshiba\EasternGraphics
2013-07-18 19:00 - 2013-07-18 19:00 - 00000000 ___HD C:\ProgramData\{9559969E-5786-48CA-87AB-B7695EC37420}
2013-07-18 19:00 - 2009-10-31 16:07 - 00000000 ____D C:\Users\Toshiba
2013-07-18 18:56 - 2013-07-18 18:56 - 00000000 ____D C:\ProgramData\EasternGraphics
2013-07-18 10:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-18 10:04 - 2009-07-14 06:33 - 00460216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 10:02 - 2009-07-14 10:57 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-18 10:02 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-16 13:53 - 2009-11-01 17:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-16 13:48 - 2009-10-31 20:43 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-16 13:34 - 2013-07-10 08:44 - 00027648 _____ C:\Users\Toshiba\Desktop\Danksagungen.xls
2013-07-10 09:31 - 2013-03-09 09:12 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-10 09:31 - 2011-08-17 18:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-10 09:31 - 2009-11-05 17:29 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Adobe
2013-07-10 09:01 - 2013-07-10 09:01 - 00000000 ____D C:\ProgramData\McAfee
2013-07-10 08:39 - 2013-06-26 21:01 - 00000000 ____D C:\Users\Toshiba\Desktop\PP FRIEDA
2013-07-09 09:54 - 2012-07-10 16:20 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Paint.NET
Files to move or delete:
====================
C:\Users\Toshiba\jobq.dat
C:\Users\Toshiba\sj646ge.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-18 12:23
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-08-2013
Ran by Toshiba at 2013-08-07 10:44:22
Running from C:\Users\Toshiba\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
ALPS Touch Pad Driver (Version: 7.0.301.4)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Software Suite
Bluetooth Stack for Windows by Toshiba (Version: v7.00.10(T))
Bonjour (Version: 3.0.0.10)
BrowserCompanion
BrowserProtect
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon iP4800 series Benutzerregistrierung
Canon iP4800 series Printer Driver
Canon My Printer
Canon Solution Menu EX
CCleaner
CD/DVD Drive Acoustic Silencer (Version: 2.00.02)
CDBurnerXP (Version: 4.4.0.3018)
CD-LabelPrint
CutePDF Writer 2.8
Delta Chrome Toolbar
Delta toolbar (Version: 1.8.16.16)
Documents To Go Desktop für iOS (Version: 4.0001.010)
EGR-ShellExtension (Version: 1.1.0.100)
FreeOCR v4.2
Garmin USB Drivers (Version: 1.0.0.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.5)
GENprofi - Stammbaum (Version: v3.2(40327) (UNICODE))
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Hex-Editor MX (Version: 6.0)
HP PrecisionScan LTX
iCloud (Version: 2.1.2.8)
Img2gps v2.81
Intel(R) Graphics Media Accelerator Driver
iTunes (Version: 11.0.4.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
OptiSchicht
Paint.NET v3.5.10 (Version: 3.60.0)
Realtek AC'97 Audio
Schichtplan
SearchAnonymizer (Version: 1.0.1 (de))
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.23.0000)
TIPCI (Version: 1.23.0000)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.00.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Downloader version 2.0 (Version: 2.0)
Web Assistant version 2.0.0.612 (Version: 2.0.0.612)
WebCake 3.00 (Version: 3.00)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
==================== Restore Points =========================
26-06-2013 19:11:46 Uniblue SpeedUpMyPC installation
26-06-2013 19:23:35 Windows Update
02-07-2013 14:06:32 Windows Update
09-07-2013 07:10:39 Windows Update
16-07-2013 11:17:41 Windows Update
16-07-2013 11:36:37 Windows Update
02-08-2013 13:40:30 Windows Update
02-08-2013 14:13:45 Removed GlobalEnglish Learning Technology
02-08-2013 14:14:43 Removed GlobalEnglish Learning Technology
06-08-2013 14:01:22 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03EB79E7-88E2-4DB9-829A-B0A4C9F40657} - System32\Tasks\c18a0280 => C:\Users\Toshiba\AppData\Local\Temp\\setup797047296.exe No File
Task: {0943D9F1-B234-47FB-8AF0-BE8E342F97CB} - System32\Tasks\b6163260 => C:\Users\Toshiba\AppData\Local\Temp\\setup2901783000.exe No File
Task: {0C904D32-78DC-4848-8FAB-D385E2C8419E} - System32\Tasks\6a80d100 => C:\Users\Toshiba\AppData\Local\Temp\\setup2588199012.exe No File
Task: {1243E155-619D-4F2E-B521-E23D6CC24730} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {196D3015-771A-48D3-AAFD-3688863E28D4} - System32\Tasks\EPUpdater => C:\Users\Toshiba\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {2011FC55-0F0B-4776-B761-E97B827D29BF} - System32\Tasks\ebd09888 => C:\Users\Toshiba\AppData\Local\Temp\\setup3956316296.exe No File
Task: {2C468D3A-7757-4210-9303-9308C16DF986} - System32\Tasks\c0e53dc0 => C:\Users\Toshiba\AppData\Local\Temp\\setup2798747904.exe No File
Task: {2CA6EF72-535B-4BEC-87A9-604E013A8B82} - System32\Tasks\69fac980 => C:\Users\Toshiba\AppData\Local\Temp\\setup1012417984.exe No File
Task: {323441F8-CEC8-470C-9AF9-08048D32AD3E} - System32\Tasks\71ff92c0 => C:\Users\Toshiba\AppData\Local\Temp\\setup1234450496.exe No File
Task: {4B3CC5F0-49C7-41C9-B256-31A58BEE9848} - System32\Tasks\d6ee2ae8 => C:\Users\Toshiba\AppData\Local\Temp\\setup1510801960.exe No File
Task: {501B9F4E-0290-4C88-83C4-44BD5DE9DCB4} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {54A55FBC-48C7-4829-8E00-75DBA693714E} - System32\Tasks\2d405a28 => C:\Users\Toshiba\AppData\Local\Temp\\setup606067104.exe No File
Task: {5C314BDB-1263-49E8-B09A-8A9BDB0FE23D} - System32\Tasks\62bdc800 => C:\Users\Toshiba\AppData\Local\Temp\\setup1306604672.exe No File
Task: {5DAE9F6C-7CBE-42F7-83D7-287297BB3FF2} - System32\Tasks\81e7edd0 => C:\Users\Toshiba\AppData\Local\Temp\\setup2093327380.exe No File
Task: {6060BB84-DC8A-4E4B-8708-8C22363F4C24} - System32\Tasks\cc952f10 => C:\Users\Toshiba\AppData\Local\Temp\\setup3432328976.exe No File
Task: {67B0BB25-C945-483D-B841-570BF62B6AE5} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {685E3CE6-A2FC-46D4-A95F-7F081D30B383} - System32\Tasks\1d817488 => C:\Users\Toshiba\AppData\Local\Temp\\setup223967396.exe No File
Task: {6A129AE9-23B0-42A5-84EE-DBBB9105B053} - System32\Tasks\ff04df58 => C:\Users\Toshiba\AppData\Local\Temp\\setup3819134400.exe No File
Task: {6B34C632-4AE3-4E5A-B7CF-2AD67BDDF24E} - System32\Tasks\b9326750 => C:\Users\Toshiba\AppData\Local\Temp\\setup2953963208.exe No File
Task: {6D2ED8DF-3586-4443-BF64-589A1945BC4A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {780A6107-9BF3-4FDA-A8D1-A64CAB1478C9} - System32\Tasks\203e7404 => C:\Users\Toshiba\AppData\Local\Temp\\setup3141986440.exe No File
Task: {85C079E4-A4F8-4DA9-9D90-797E9E558029} - System32\Tasks\4d911780 => C:\Users\Toshiba\AppData\Local\Temp\\setup3941288960.exe No File
Task: {8839F494-44A5-4DE2-97C8-66D4C314DFA7} - System32\Tasks\8abba2c0 => C:\Users\Toshiba\AppData\Local\Temp\\setup1999428544.exe No File
Task: {8B511908-85F1-4659-886A-33B6FEB3822F} - System32\Tasks\fcdb1b4c => C:\Users\Toshiba\AppData\Local\Temp\\setup4242217804.exe No File
Task: {8EF710E3-6374-4D6E-AEFC-3210E02A7747} - System32\Tasks\5f2483cc => C:\Users\Toshiba\AppData\Local\Temp\\setup1443103556.exe No File
Task: {8FF93265-1383-4A7D-89E8-C2767C717F10} - System32\Tasks\d37dda5c => C:\Users\Toshiba\AppData\Local\Temp\\setup3395115476.exe No File
Task: {91824DB1-C188-413A-8342-4579459E3A2D} - System32\Tasks\32b902cc => C:\Users\Toshiba\AppData\Local\Temp\\setup755282796.exe No File
Task: {95DE96C2-29CD-48C5-9BB0-2B4C700611AC} - System32\Tasks\cb3ce55c => C:\Users\Toshiba\AppData\Local\Temp\\setup3398091660.exe No File
Task: {985ABB73-010B-4CEE-876C-23F90FD904CE} - System32\Tasks\85ff4e40 => C:\Users\Toshiba\AppData\Local\Temp\\setup17905216.exe No File
Task: {9D730A68-4A7F-4EED-A110-2C01FAAC695A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19] (Google Inc.)
Task: {9F696B42-43D7-478B-9463-319C4F5471BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A2302430-247B-49F2-B712-B236296B715E} - System32\Tasks\263e810c => C:\Users\Toshiba\AppData\Local\Temp\\setup3763309252.exe No File
Task: {AC1AAAB1-C298-4FF9-A0C7-0D54C74BB556} - System32\Tasks\5e80b218 => C:\Users\Toshiba\AppData\Local\Temp\\setup1307953564.exe No File
Task: {B257FA72-03A1-449B-81D0-05BD49B65A14} - System32\Tasks\88f92d28 => C:\Users\Toshiba\AppData\Local\Temp\\setup2144906400.exe No File
Task: {C71B8109-904C-4119-860E-36495A6C6840} - System32\Tasks\bb62f680 => C:\Users\Toshiba\AppData\Local\Temp\\setup3012574464.exe No File
Task: {CA83A94A-6C00-4504-9B21-1A7802224A2B} - System32\Tasks\768e8bc0 => C:\Users\Toshiba\AppData\Local\Temp\\setup1289053376.exe No File
Task: {CB9381ED-7A35-442D-95CE-C4871A26E875} - System32\Tasks\365cb294 => C:\Users\Toshiba\AppData\Local\Temp\\setup610873588.exe No File
Task: {CC3190CC-8D62-49D9-9B50-2BA2BCE232E6} - System32\Tasks\181707dc => C:\Users\Toshiba\AppData\Local\Temp\\setup1898231768.exe No File
Task: {CFF34B4D-B0F0-40D6-864D-039A1A2F421D} - System32\Tasks\7e450668 => C:\Users\Toshiba\AppData\Local\Temp\\setup1812202840.exe No File
Task: {D25DB7CD-6B25-4A51-B22A-1ED54505DC86} - System32\Tasks\42077980 => C:\Users\Toshiba\AppData\Local\Temp\\setup407786112.exe No File
Task: {D387C7C2-34A5-46CF-9909-A92AB1208EBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {D934B0F8-FB2F-4914-9A2A-B1C218D4280E} - System32\Tasks\User_Feed_Synchronization-{1B9D2DA2-921A-4748-81A8-E8C72EE642DA} => C:\Windows\system32\msfeedssync.exe [2013-06-23] (Microsoft Corporation)
Task: {DE656B69-03AC-4F4E-B977-05EE9A8B746E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19] (Google Inc.)
Task: {DEBC5775-F5BF-4828-87C0-11A8CB05D91A} - System32\Tasks\e78b71c0 => C:\Users\Toshiba\AppData\Local\Temp\\setup3402800520.exe No File
Task: {E7E4F0AD-E73A-4DB3-A88E-2AA6F79AB7DF} - System32\Tasks\211823f4 => C:\Users\Toshiba\AppData\Local\Temp\\setup2996004176.exe No File
Task: {EA44AEB0-029F-4986-9677-442AD0CCB79C} - System32\Tasks\3a18be00 => C:\Users\Toshiba\AppData\Local\Temp\\setup624700032.exe No File
Task: {F5700592-8764-4A50-94D4-3679A63891BF} - System32\Tasks\5aafb59c => C:\Users\Toshiba\AppData\Local\Temp\\setup660136852.exe No File
Task: {F73C813F-E212-4932-958A-4FE4AA3E0782} - System32\Tasks\6d5d6b40 => C:\Users\Toshiba\AppData\Local\Temp\\setup434838848.exe No File
Task: {FDE0DAD9-AC5A-4449-B72D-CBBDEBE928F0} - System32\Tasks\2cd68040 => C:\Users\Toshiba\AppData\Local\Temp\\setup599130880.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
Name: MpKsl51bde543
Description: MpKsl51bde543
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl51bde543
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/07/2013 10:32:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/07/2013 09:32:05 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0xc38
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/06/2013 07:32:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x1014
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/06/2013 05:17:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IELowutil.exe, Version: 10.0.9200.16521, Zeitstempel: 0x51207c70
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0x40000015
Fehleroffset: 0x0005620a
ID des fehlerhaften Prozesses: 0xb64
Startzeit der fehlerhaften Anwendung: 0xIELowutil.exe0
Pfad der fehlerhaften Anwendung: IELowutil.exe1
Pfad des fehlerhaften Moduls: IELowutil.exe2
Berichtskennung: IELowutil.exe3
Error: (08/06/2013 04:32:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0xca4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/06/2013 11:32:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x16ac
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/06/2013 10:32:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/05/2013 03:32:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/02/2013 03:40:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x908
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (07/18/2013 06:32:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003419b
ID des fehlerhaften Prozesses: 0x1494
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
System errors:
=============
Error: (08/06/2013 03:45:36 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (08/06/2013 07:33:27 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (08/02/2013 04:06:10 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (08/02/2013 04:00:57 PM) (Source: Service Control Manager) (User: )
Description: Dienst "WebCake Desktop Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/18/2013 10:24:38 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.155.29.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.2.0223.00
Quellpfad: 4.2.0223.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (07/16/2013 00:51:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/16/2013 00:51:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.
Error: (07/11/2013 11:11:38 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 11.07.2013 um 11:09:43 unerwartet heruntergefahren.
Error: (07/10/2013 03:12:10 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (07/10/2013 00:18:38 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UxSms erreicht.
Microsoft Office Sessions:
=========================
Error: (05/03/2013 07:52:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 236 seconds with 180 seconds of active time. This session ended with a crash.
Error: (04/09/2013 04:13:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 433 seconds with 360 seconds of active time. This session ended with a crash.
Error: (04/09/2013 04:05:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 233 seconds with 180 seconds of active time. This session ended with a crash.
Error: (04/09/2013 04:01:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time. This session ended with a crash.
Error: (04/09/2013 04:00:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1402 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (04/09/2013 03:36:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1122 seconds with 1080 seconds of active time. This session ended with a crash.
Error: (04/09/2013 01:46:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 122 seconds with 60 seconds of active time. This session ended with a crash.
Error: (04/09/2013 01:44:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1832 seconds with 1020 seconds of active time. This session ended with a crash.
Error: (04/02/2013 05:55:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 360 seconds with 300 seconds of active time. This session ended with a crash.
Error: (03/29/2013 08:21:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 86%
Total physical RAM: 1014.49 MB
Available physical RAM: 141.16 MB
Total Pagefile: 2038.49 MB
Available Pagefile: 694.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.73 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:93.16 GB) (Free:39.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:1.91 GB) (Free:0.76 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93 GB) (Disk ID: F0E2040A)
Partition 1: (Active) - (Size=93 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
