| marclu00 | 22.12.2013 10:54 |
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2013 02
Ran by marc (administrator) on MARC-LAPTOP on 22-12-2013 10:47:08
Running from C:\Users\marc\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-10-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\marc\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [CyberGhost] - C:\Program Files\CyberGhost 5\CyberGhost.exe [361072 2013-12-17] (CyberGhost S.R.L.)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {1C5D40C8-6889-4425-8B6C-900A0F99EC4D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {1C5D40C8-6889-4425-8B6C-900A0F99EC4D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {1C5D40C8-6889-4425-8B6C-900A0F99EC4D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {1C5D40C8-6889-4425-8B6C-900A0F99EC4D} URL =
SearchScopes: HKCU - {1C5D40C8-6889-4425-8B6C-900A0F99EC4D} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\marc\AppData\Roaming\Mozilla\Firefox\Profiles\m0quw9lg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\marc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Battlefield Heroes) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (Adblock Plus) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Norton Identity Protection) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0
CHR Extension: (Google Wallet) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Minecraft Origins) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooemofofigijedhcifaimglnncjmckaa\1.0.4_0
CHR Extension: (Gmail) - C:\Users\marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx
==================== Services (Whitelisted) =================
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63600 2013-12-17] (CyberGhost S.R.L)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-11-30] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-31] (Dritek System INC.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
==================== Drivers (Whitelisted) ====================
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20131220.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20131221.006\ENG64.SYS [126040 2013-12-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20131221.006\EX64.SYS [2099288 2013-12-19] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-31] (Dritek System Inc.)
S3 RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys [416768 2012-06-02] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-20] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-22 10:47 - 2013-12-22 10:50 - 00017851 _____ C:\Users\marc\Downloads\FRST.txt
2013-12-22 10:47 - 2013-12-22 10:47 - 00000000 ____D C:\FRST
2013-12-22 10:46 - 2013-12-22 10:46 - 02193141 _____ (Farbar) C:\Users\marc\Downloads\FRST64.exe
2013-12-22 08:45 - 2013-12-22 10:28 - 00000000 ____D C:\ProgramData\Wizard101(DE)
2013-12-22 08:45 - 2013-12-22 08:45 - 00001493 _____ C:\Users\marc\Desktop\Wizard101.lnk
2013-12-22 08:45 - 2013-12-22 08:45 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE)
2013-12-22 08:43 - 2013-12-22 08:43 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\marc\Downloads\Wizard101_Installer_DE.exe
2013-12-22 08:40 - 2013-12-22 08:40 - 467498452 _____ C:\Windows\MEMORY.DMP
2013-12-22 08:40 - 2013-12-22 08:40 - 00284944 _____ C:\Windows\Minidump\122213-33843-01.dmp
2013-12-22 08:40 - 2013-12-22 08:40 - 00000000 ____D C:\Windows\Minidump
2013-12-22 07:52 - 2013-12-22 07:52 - 00001606 _____ C:\Users\marc\Desktop\cheatengine-x86_64 - Verknüpfung.lnk
2013-12-21 11:33 - 2013-12-21 11:33 - 06933154 _____ C:\Users\marc\Downloads\WiZARDHAX.com-Nodus1.7.2MCP.zip
2013-12-21 09:17 - 2013-12-21 09:17 - 06933154 _____ C:\Users\marc\Downloads\Nodus1.7.2MCP.zip
2013-12-20 19:18 - 2013-12-20 19:18 - 00084529 _____ C:\Users\marc\Downloads\XRayInstaller_WithFly (1).jar
2013-12-20 18:44 - 2013-12-20 18:44 - 00084529 _____ C:\Users\marc\Downloads\XRayInstaller_WithFly.jar
2013-12-20 18:42 - 2013-12-20 18:42 - 00075191 _____ C:\Users\marc\Downloads\[1.7.2] XRay.zip
2013-12-19 19:01 - 2013-12-20 14:34 - 00000000 ____D C:\Users\marc\AppData\Roaming\vlc
2013-12-19 19:00 - 2013-12-19 19:00 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 19:00 - 2013-12-19 19:00 - 00000000 ____D C:\Program Files\VideoLAN
2013-12-19 18:58 - 2013-12-19 18:58 - 23679700 _____ C:\Users\marc\Downloads\vlc-2.1.1-win64.exe
2013-12-19 17:17 - 2013-12-19 17:25 - 00000000 ____D C:\Users\marc\AppData\Local\CyberGhost
2013-12-19 17:17 - 2013-12-19 17:17 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-19 17:16 - 2013-12-19 17:25 - 00000000 ____D C:\Program Files\CyberGhost 5
2013-12-19 17:16 - 2013-12-19 17:17 - 00000000 ____D C:\Program Files\TAP-Windows
2013-12-19 17:16 - 2013-12-19 17:16 - 00001732 _____ C:\Users\marc\Desktop\CyberGhost 5.lnk
2013-12-19 17:15 - 2013-12-19 17:15 - 08566128 _____ (CyberGhost S.R.L. ) C:\Users\marc\Downloads\CG_5.0.9.8chip.de.exe
2013-12-19 17:13 - 2013-12-19 17:14 - 35095200 _____ (Skype Technologies S.A.) C:\Users\marc\Downloads\Skype611SetupFull.exe
2013-12-18 18:43 - 2013-12-18 18:43 - 04157011 _____ C:\Users\marc\Downloads\Phineas und Ferb - Isi hat ne Krause (2.Staffel).mp4
2013-12-17 16:35 - 2013-12-17 16:35 - 00000000 _____ C:\Users\marc\Desktop\server.log
2013-12-17 15:58 - 2013-12-17 15:58 - 00000963 _____ C:\Users\marc\Desktop\IT - Verknüpfung.lnk
2013-12-17 15:57 - 2013-12-22 09:48 - 00000000 ____D C:\Users\marc\Downloads\FTB
2013-12-17 15:55 - 2013-12-17 15:58 - 00000000 ____D C:\Users\marc\Downloads\IT
2013-12-13 17:59 - 2013-12-13 17:59 - 00000000 ____D C:\Users\marc\AppData\Local\Unity
2013-12-12 16:10 - 2013-12-12 16:10 - 10576657 _____ C:\Users\marc\Downloads\DisneyInfinity.themepack
2013-12-12 14:45 - 2013-12-12 14:45 - 00001203 _____ C:\Users\marc\Desktop\Any Video Converter.lnk
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Users\marc\Documents\Any Video Converter
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Users\marc\AppData\Roaming\AnvSoft
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2013-12-12 14:41 - 2013-12-12 14:41 - 00000000 ____D C:\Users\marc\Desktop\Camtasia
2013-12-12 14:34 - 2013-12-12 14:34 - 00000000 ____D C:\Users\marc\AppData\Local\TechSmith
2013-12-12 14:07 - 2013-12-12 14:07 - 00341232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 05:55 - 2013-12-12 05:55 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 7.lnk
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Windows\SysWOW64\QuickTime
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-11 19:53 - 2013-12-11 19:53 - 00000000 ____D C:\N360_BACKUP
2013-12-11 16:49 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 16:49 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 16:49 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-11 16:49 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 16:49 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 16:49 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 16:49 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 16:49 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 16:49 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 16:49 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 16:49 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 16:49 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 16:49 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 16:49 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 16:49 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 16:49 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 16:49 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 16:49 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 16:48 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 16:48 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 16:48 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 16:48 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-11 16:48 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-11 16:48 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-11 16:48 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-11 16:48 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-11 16:48 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-11 16:48 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-11 16:48 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-11 16:48 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-11 16:48 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-11 16:48 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-11 16:48 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-11 16:48 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-11 16:48 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 16:48 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-11 16:48 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-11 16:48 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-11 16:48 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-11 16:48 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-11 16:47 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 16:47 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 16:47 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 16:47 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 16:47 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 16:47 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-11 16:47 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 16:47 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 16:47 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 16:47 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-11 16:47 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 16:27 - 2013-12-11 16:27 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 14:20 - 2013-12-11 14:22 - 00000000 ____D C:\Users\marc\Downloads\assets
2013-12-11 14:20 - 2013-12-11 14:21 - 00000000 ____D C:\Users\marc\Downloads\libraries
2013-12-11 14:20 - 2013-12-11 14:20 - 00000000 ____D C:\Users\marc\Downloads\versions
2013-12-10 18:42 - 2013-12-10 18:42 - 00000930 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-10 18:42 - 2013-12-10 18:42 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-10 17:16 - 2013-12-10 17:16 - 00000000 ____D C:\Users\marc\AppData\Roaming\TechSmith
2013-12-10 17:06 - 2013-12-10 17:06 - 00134215 _____ C:\Users\marc\Downloads\lololo cra.rar
2013-12-10 16:54 - 2013-12-10 16:54 - 07073958 _____ C:\Users\marc\Downloads\The_Jellyfish_Jam.mp4
2013-12-10 16:54 - 2013-12-10 16:54 - 03639540 _____ C:\Users\marc\Downloads\Map Hogwarts v 3.1 by Adriento.zip
2013-12-04 18:19 - 2013-12-04 18:19 - 26328684 _____ C:\Users\marc\Downloads\FTB Lite Server 1.2.3.zip
2013-12-04 05:29 - 2013-12-04 05:29 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-01 18:03 - 2013-12-01 18:03 - 10598422 _____ C:\Users\marc\Downloads\laputa_bals.zip
2013-12-01 18:02 - 2013-12-01 18:02 - 00005819 _____ C:\Users\marc\Downloads\LAPUTAテクスチャ.zip
2013-11-30 13:01 - 2013-11-30 13:01 - 00270240 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-30 13:01 - 2013-11-30 13:01 - 00000000 ____D C:\Users\marc\AppData\Local\PunkBuster
2013-11-30 12:58 - 2013-11-30 13:18 - 00000000 ____D C:\Users\marc\Documents\Battlefield Heroes
2013-11-30 12:57 - 2013-11-30 13:01 - 00270240 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-30 12:57 - 2013-11-30 12:57 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-30 12:57 - 2013-11-30 12:57 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-30 12:57 - 2013-11-30 12:57 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-27 15:37 - 2013-11-27 15:37 - 00000000 ____D C:\Users\marc\AppData\Local\DDMSettings
2013-11-27 15:35 - 2013-11-27 15:36 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-27 15:35 - 2013-11-27 15:35 - 00000000 ____D C:\Program Files\DivX
2013-11-27 15:34 - 2013-11-27 15:37 - 00000000 ____D C:\ProgramData\DivX
2013-11-27 15:34 - 2013-11-27 15:34 - 00000000 _____ C:\END
2013-11-23 12:46 - 2013-11-23 12:45 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-23 12:45 - 2013-11-23 12:45 - 00000000 ____D C:\Program Files\Java
==================== One Month Modified Files and Folders =======
2013-12-22 10:50 - 2013-12-22 10:47 - 00017851 _____ C:\Users\marc\Downloads\FRST.txt
2013-12-22 10:47 - 2013-12-22 10:47 - 00000000 ____D C:\FRST
2013-12-22 10:46 - 2013-12-22 10:46 - 02193141 _____ (Farbar) C:\Users\marc\Downloads\FRST64.exe
2013-12-22 10:45 - 2013-10-21 13:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-22 10:28 - 2013-12-22 08:45 - 00000000 ____D C:\ProgramData\Wizard101(DE)
2013-12-22 10:20 - 2013-11-20 15:16 - 00000000 ____D C:\Users\marc\AppData\Local\LogMeIn Hamachi
2013-12-22 10:14 - 2013-10-21 13:48 - 00000000 ____D C:\Users\marc\AppData\Roaming\Skype
2013-12-22 10:03 - 2013-10-20 18:48 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-22 10:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-22 09:48 - 2013-12-17 15:57 - 00000000 ____D C:\Users\marc\Downloads\FTB
2013-12-22 09:36 - 2013-10-31 15:42 - 00000000 ____D C:\Users\marc\AppData\Local\CrashDumps
2013-12-22 08:47 - 2012-08-31 13:46 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-12-22 08:47 - 2012-08-31 13:46 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-12-22 08:47 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-22 08:45 - 2013-12-22 08:45 - 00001493 _____ C:\Users\marc\Desktop\Wizard101.lnk
2013-12-22 08:45 - 2013-12-22 08:45 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE)
2013-12-22 08:43 - 2013-12-22 08:43 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\marc\Downloads\Wizard101_Installer_DE.exe
2013-12-22 08:41 - 2013-10-24 13:36 - 00000441 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-22 08:41 - 2013-10-20 18:48 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-22 08:41 - 2013-10-20 17:23 - 00000362 _____ C:\Windows\Tasks\dsmonitor.job
2013-12-22 08:41 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-22 08:40 - 2013-12-22 08:40 - 467498452 _____ C:\Windows\MEMORY.DMP
2013-12-22 08:40 - 2013-12-22 08:40 - 00284944 _____ C:\Windows\Minidump\122213-33843-01.dmp
2013-12-22 08:40 - 2013-12-22 08:40 - 00000000 ____D C:\Windows\Minidump
2013-12-22 07:52 - 2013-12-22 07:52 - 00001606 _____ C:\Users\marc\Desktop\cheatengine-x86_64 - Verknüpfung.lnk
2013-12-21 21:36 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-21 13:33 - 2013-10-21 18:09 - 00000000 ____D C:\Users\marc\AppData\Roaming\ftblauncher
2013-12-21 13:33 - 2013-10-21 18:02 - 00765101 _____ () C:\Users\marc\Desktop\FTB_Launcher.exe
2013-12-21 13:21 - 2013-10-21 16:14 - 00000000 ____D C:\Users\marc\AppData\Roaming\kamera
2013-12-21 13:09 - 2013-11-07 19:06 - 00000000 ____D C:\Users\marc\AppData\Roaming\.minecraft
2013-12-21 11:33 - 2013-12-21 11:33 - 06933154 _____ C:\Users\marc\Downloads\WiZARDHAX.com-Nodus1.7.2MCP.zip
2013-12-21 10:23 - 2013-10-24 13:31 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2013-12-21 09:17 - 2013-12-21 09:17 - 06933154 _____ C:\Users\marc\Downloads\Nodus1.7.2MCP.zip
2013-12-20 19:18 - 2013-12-20 19:18 - 00084529 _____ C:\Users\marc\Downloads\XRayInstaller_WithFly (1).jar
2013-12-20 18:44 - 2013-12-20 18:44 - 00084529 _____ C:\Users\marc\Downloads\XRayInstaller_WithFly.jar
2013-12-20 18:42 - 2013-12-20 18:42 - 00075191 _____ C:\Users\marc\Downloads\[1.7.2] XRay.zip
2013-12-20 14:34 - 2013-12-19 19:01 - 00000000 ____D C:\Users\marc\AppData\Roaming\vlc
2013-12-19 19:00 - 2013-12-19 19:00 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 19:00 - 2013-12-19 19:00 - 00000000 ____D C:\Program Files\VideoLAN
2013-12-19 18:58 - 2013-12-19 18:58 - 23679700 _____ C:\Users\marc\Downloads\vlc-2.1.1-win64.exe
2013-12-19 17:25 - 2013-12-19 17:17 - 00000000 ____D C:\Users\marc\AppData\Local\CyberGhost
2013-12-19 17:25 - 2013-12-19 17:16 - 00000000 ____D C:\Program Files\CyberGhost 5
2013-12-19 17:20 - 2013-10-20 16:45 - 01561041 _____ C:\Windows\WindowsUpdate.log
2013-12-19 17:17 - 2013-12-19 17:17 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-19 17:17 - 2013-12-19 17:16 - 00000000 ____D C:\Program Files\TAP-Windows
2013-12-19 17:17 - 2013-10-21 13:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-19 17:17 - 2013-10-21 13:48 - 00000000 ____D C:\ProgramData\Skype
2013-12-19 17:16 - 2013-12-19 17:16 - 00001732 _____ C:\Users\marc\Desktop\CyberGhost 5.lnk
2013-12-19 17:15 - 2013-12-19 17:15 - 08566128 _____ (CyberGhost S.R.L. ) C:\Users\marc\Downloads\CG_5.0.9.8chip.de.exe
2013-12-19 17:14 - 2013-12-19 17:13 - 35095200 _____ (Skype Technologies S.A.) C:\Users\marc\Downloads\Skype611SetupFull.exe
2013-12-19 05:07 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-18 19:42 - 2013-10-21 19:01 - 00000000 ____D C:\Users\marc\Desktop\filme
2013-12-18 18:43 - 2013-12-18 18:43 - 04157011 _____ C:\Users\marc\Downloads\Phineas und Ferb - Isi hat ne Krause (2.Staffel).mp4
2013-12-18 14:11 - 2012-08-03 08:35 - 00023654 _____ C:\Windows\PFRO.log
2013-12-18 05:06 - 2013-10-21 14:07 - 00000000 ____D C:\Program Files (x86)\Brick-Force
2013-12-17 19:17 - 2013-10-20 18:12 - 00000000 ____D C:\Windows\system32\MRT
2013-12-17 19:15 - 2013-10-20 18:12 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-17 16:35 - 2013-12-17 16:35 - 00000000 _____ C:\Users\marc\Desktop\server.log
2013-12-17 15:58 - 2013-12-17 15:58 - 00000963 _____ C:\Users\marc\Desktop\IT - Verknüpfung.lnk
2013-12-17 15:58 - 2013-12-17 15:55 - 00000000 ____D C:\Users\marc\Downloads\IT
2013-12-17 15:58 - 2013-11-05 16:38 - 00117760 ___SH C:\Users\marc\Desktop\Thumbs.db
2013-12-13 17:59 - 2013-12-13 17:59 - 00000000 ____D C:\Users\marc\AppData\Local\Unity
2013-12-13 17:10 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-12 17:43 - 2013-10-20 16:57 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1337385019-782056237-1828007073-1001
2013-12-12 16:10 - 2013-12-12 16:10 - 10576657 _____ C:\Users\marc\Downloads\DisneyInfinity.themepack
2013-12-12 14:45 - 2013-12-12 14:45 - 00001203 _____ C:\Users\marc\Desktop\Any Video Converter.lnk
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Users\marc\Documents\Any Video Converter
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Users\marc\AppData\Roaming\AnvSoft
2013-12-12 14:45 - 2013-12-12 14:45 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2013-12-12 14:41 - 2013-12-12 14:41 - 00000000 ____D C:\Users\marc\Desktop\Camtasia
2013-12-12 14:37 - 2013-11-05 15:10 - 00114176 ___SH C:\Users\marc\Downloads\Thumbs.db
2013-12-12 14:34 - 2013-12-12 14:34 - 00000000 ____D C:\Users\marc\AppData\Local\TechSmith
2013-12-12 14:07 - 2013-12-12 14:07 - 00341232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 05:55 - 2013-12-12 05:55 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 7.lnk
2013-12-12 05:55 - 2013-10-20 16:44 - 00000000 ____D C:\Users\marc
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Windows\SysWOW64\QuickTime
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-12 05:54 - 2013-12-12 05:54 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-11 20:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-11 19:53 - 2013-12-11 19:53 - 00000000 ____D C:\N360_BACKUP
2013-12-11 17:53 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-11 16:27 - 2013-12-11 16:27 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 16:27 - 2013-10-21 13:40 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 14:22 - 2013-12-11 14:20 - 00000000 ____D C:\Users\marc\Downloads\assets
2013-12-11 14:21 - 2013-12-11 14:20 - 00000000 ____D C:\Users\marc\Downloads\libraries
2013-12-11 14:20 - 2013-12-11 14:20 - 00000000 ____D C:\Users\marc\Downloads\versions
2013-12-10 18:49 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-10 18:42 - 2013-12-10 18:42 - 00000930 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-10 18:42 - 2013-12-10 18:42 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-10 18:20 - 2013-11-14 16:55 - 02303911 _____ () C:\Users\marc\Desktop\TechnicLauncher.exe
2013-12-10 18:20 - 2013-11-14 16:55 - 00000000 ____D C:\Users\marc\AppData\Roaming\.technic
2013-12-10 17:16 - 2013-12-10 17:16 - 00000000 ____D C:\Users\marc\AppData\Roaming\TechSmith
2013-12-10 17:06 - 2013-12-10 17:06 - 00134215 _____ C:\Users\marc\Downloads\lololo cra.rar
2013-12-10 17:05 - 2013-10-20 18:49 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-10 16:58 - 2013-10-20 18:48 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-10 16:58 - 2013-10-20 18:48 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-10 16:54 - 2013-12-10 16:54 - 07073958 _____ C:\Users\marc\Downloads\The_Jellyfish_Jam.mp4
2013-12-10 16:54 - 2013-12-10 16:54 - 03639540 _____ C:\Users\marc\Downloads\Map Hogwarts v 3.1 by Adriento.zip
2013-12-08 13:45 - 2013-11-07 19:01 - 00000000 ____D C:\Users\marc\Desktop\.minecraft
2013-12-08 12:05 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2013-12-04 18:19 - 2013-12-04 18:19 - 26328684 _____ C:\Users\marc\Downloads\FTB Lite Server 1.2.3.zip
2013-12-04 05:29 - 2013-12-04 05:29 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-04 05:29 - 2013-10-20 16:45 - 00000000 ____D C:\Users\marc\AppData\Local\Packages
2013-12-04 01:53 - 2013-11-19 05:04 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-11-19 05:04 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 18:03 - 2013-12-01 18:03 - 10598422 _____ C:\Users\marc\Downloads\laputa_bals.zip
2013-12-01 18:02 - 2013-12-01 18:02 - 00005819 _____ C:\Users\marc\Downloads\LAPUTAテクスチャ.zip
2013-12-01 15:42 - 2012-08-03 08:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-30 13:18 - 2013-11-30 12:58 - 00000000 ____D C:\Users\marc\Documents\Battlefield Heroes
2013-11-30 13:01 - 2013-11-30 13:01 - 00270240 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-30 13:01 - 2013-11-30 13:01 - 00000000 ____D C:\Users\marc\AppData\Local\PunkBuster
2013-11-30 13:01 - 2013-11-30 12:57 - 00270240 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-30 12:57 - 2013-11-30 12:57 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-30 12:57 - 2013-11-30 12:57 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-30 12:57 - 2013-11-30 12:57 - 00000000 ____D C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-11-30 12:16 - 2013-10-21 13:28 - 00000000 ____D C:\Users\marc\AppData\Local\Mozilla
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-27 15:37 - 2013-11-27 15:37 - 00000000 ____D C:\Users\marc\AppData\Local\DDMSettings
2013-11-27 15:37 - 2013-11-27 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-11-27 15:36 - 2013-11-27 15:35 - 00000000 ____D C:\Program Files (x86)\DivX
2013-11-27 15:36 - 2013-10-21 13:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-27 15:35 - 2013-11-27 15:35 - 00000000 ____D C:\Program Files\DivX
2013-11-27 15:34 - 2013-11-27 15:34 - 00000000 _____ C:\END
2013-11-27 05:30 - 2013-10-21 14:48 - 00017447 _____ C:\Users\marc\Documents\Vokabeln.odt
2013-11-23 17:10 - 2013-10-30 15:09 - 00001089 _____ C:\Users\marc\Desktop\Cheat Engine.lnk
2013-11-23 17:10 - 2013-10-30 15:09 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-11-23 12:46 - 2013-10-21 13:55 - 00000000 ____D C:\ProgramData\Oracle
2013-11-23 12:45 - 2013-11-23 12:46 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-23 12:45 - 2013-11-23 12:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-23 12:45 - 2013-11-23 12:45 - 00000000 ____D C:\Program Files\Java
2013-11-23 07:43 - 2013-12-11 16:47 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 06:05 - 2013-12-11 16:47 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-21 16:29
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2013 02
Ran by marc at 2013-12-22 10:51:43
Running from C:\Users\marc\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
Acer Backup Manager (x32 Version: 4.0.0.0053)
Acer Device Fast-lane (Version: 1.00.3003)
Acer Power Management (Version: 7.00.3003)
Acer Recovery Management (Version: 6.00.3006)
AcerCloud (x32 Version: 2.01.3112)
AcerCloud Docs (x32 Version: 1.00.3103)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Aeria Ignite (x32 Version: 1.13.3296)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Akamai NetSession Interface (HKCU)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Any Video Converter 5.5.1 (x32)
Backup Manager v4 (x32 Version: 4.0.0.0053)
Battlefield Heroes (HKCU)
Bejeweled 3 (x32 Version: 2.2.0.98)
BlueStacks App Player (x32 Version: 0.7.18.921)
BlueStacks Notification Center (x32 Version: 0.7.18.921)
Brick-Force (x32 Version: 2.12.256.51.62)
Broadcom Card Reader Driver Installer (Version: 15.4.4.2)
Camtasia Studio 7 (x32 Version: 7.0.1)
Cheat Engine 6.3 (x32)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
CyberGhost 5
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Die Sims™ 3 (x32 Version: 1.63.5)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101)
Die Sims™ 3 Into the Future (x32 Version: 21.0.150)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152)
Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Showtime (x32 Version: 12.0.273)
Die Sims™ 3 Supernatural (x32 Version: 15.0.135)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87)
Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126)
DivX-Setup (x32 Version: 2.6.1.87)
ETDWare PS/2-X64 11.6.22.201_WHQL (Version: 11.6.22.201)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Google Chrome (x32 Version: 31.0.1650.63)
Google Update Helper (x32 Version: 1.3.22.3)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
GrandFantasia-DE (x32)
Identity Card (x32 Version: 2.00.3002)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.4)
LibreOffice 4.1.2.3 (x32 Version: 4.1.2.3)
Live Updater (x32 Version: 2.00.3002)
LogMeIn Hamachi (x32 Version: 2.2.0.109)
Magic Academy (x32 Version: 2.2.0.98)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Norton 360 (x32 Version: 21.1.0.18)
Norton Online Backup (x32 Version: 2.2.3.45)
Norton Online Backup ARA (x32 Version: 4.1.0.10)
Notepad++ (x32 Version: 6.5)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
Office Addin (x32 Version: 2.01.3102)
Office Addin 2003 (x32 Version: 2.01.3102)
Origin (x32 Version: 9.0.14.2148)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
PunkBuster Services (x32 Version: 0.990)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.05)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 6.11 (x32 Version: 6.11.102)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
TAP-Windows 9.9.2 (Version: 9.9.2)
Tomb Raider Chronicles (x32)
Tunngle beta (x32)
Unity Web Player (HKCU Version: )
Update Installer for WildTangent Games App (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
VLC media player 2.1.1 (Version: 2.1.1)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
WinRAR 5.00 (64-Bit) (Version: 5.00.0)
Wizard101(DE) (HKCU)
YTD Video Downloader 4.5.1 (x32 Version: 4.5.1)
Zuma's Revenge (x32 Version: 2.2.0.98)
==================== Restore Points =========================
01-12-2013 14:39:19 Installiert T-Online WLAN-Access Finder
10-12-2013 16:10:34 Camtasia Studio 8 wird installiert
12-12-2013 04:52:55 Camtasia Studio 7 wird installiert
17-12-2013 18:14:14 Windows Update
19-12-2013 16:10:18 Removed Skype™ 6.11
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01ABB403-37A1-4CB7-B808-7D2C9E446F9F} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {0F12CEC6-940E-4995-84C8-066EA1A2493B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06] (Google Inc.)
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {30AB6876-B345-4863-B7FC-9079C92CA7B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {799475E8-61A0-426F-A04F-21951A88DC6D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {8930FCE8-B2D5-4BEC-BDB0-669EB8DF6670} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B6EE652E-7E6F-49AB-B358-78F6CA9D978D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C22008F0-E7C7-49E2-9189-40205F65B976} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: {C26874A0-F467-4F63-8A24-361690665300} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA5EC3C1-BCB6-4D81-A206-5ABE315B0FB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06] (Google Inc.)
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F75FEFF0-D59A-4CCB-BE4E-CAD1C6FCF2FB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\wscstub.exe [2013-10-08] (Symantec Corporation)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-08-09 10:12 - 2012-08-08 16:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-31 04:05 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-10 17:04 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-10 17:04 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-10 17:04 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-10 17:04 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-10 17:04 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/22/2013 09:36:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WizardGraphicalClient.exe, Version: 0.0.0.0, Zeitstempel: 0x52336c60
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00057431
ID des fehlerhaften Prozesses: 0x1464
Startzeit der fehlerhaften Anwendung: 0xWizardGraphicalClient.exe0
Pfad der fehlerhaften Anwendung: WizardGraphicalClient.exe1
Pfad des fehlerhaften Moduls: WizardGraphicalClient.exe2
Berichtskennung: WizardGraphicalClient.exe3
Vollständiger Name des fehlerhaften Pakets: WizardGraphicalClient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WizardGraphicalClient.exe5
Error: (12/21/2013 11:41:34 AM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.11.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bb4
Startzeit: 01cefe1c46084318
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: 293e3396-6a2c-11e3-beef-b888e3bf3538
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/20/2013 05:02:11 AM) (Source: ESENT) (User: )
Description: taskhostex (2820) Versuch, Datei "C:\Users\marc\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/20/2013 05:01:09 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/19/2013 06:41:59 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/19/2013 05:19:22 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.11.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1918
Startzeit: 01cefcd5dd870b52
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: 4c5150fa-68c9-11e3-bee9-b888e3bf3538
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/17/2013 04:08:10 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 31.0.1650.63 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10e0
Startzeit: 01cefb37bd98eb2a
Endzeit: 29
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 02fb329c-672d-11e3-bee4-b888e3bf3538
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/14/2013 09:36:54 PM) (Source: Application Hang) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7f4
Startzeit: 01cef8f0b2a78b14
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe
Berichts-ID: 7147db3b-64ff-11e3-bedb-fc36370772d3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/12/2013 02:36:19 PM) (Source: Application Hang) (User: )
Description: Programm CamtasiaStudio.exe, Version 7.0.1.106 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 14a0
Startzeit: 01cef73ec9c4b939
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe
Berichts-ID: 610a0169-6332-11e3-beda-b888e3bf3538
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/10/2013 06:38:47 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.11.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 163c
Startzeit: 01cef5cbfeb1824e
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: c0983248-61c1-11e3-bed5-cc1f14ab1055
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (12/22/2013 10:21:09 AM) (Source: Service Control Manager) (User: )
Description: Dienst "BlueStacks Android Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/22/2013 08:41:43 AM) (Source: ipnathlp) (User: )
Description: 192.168.2.105192.168.137.0255.255.255.0
Error: (12/22/2013 08:41:43 AM) (Source: ipnathlp) (User: )
Description:
Error: (12/22/2013 08:41:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/22/2013 08:40:54 AM) (Source: BugCheck) (User: )
Description: 0x00000133 (0x0000000000000000, 0x0000000000000501, 0x0000000000000500, 0x0000000000000000)C:\Windows\MEMORY.DMP122213-33843-01
Error: (12/22/2013 08:40:49 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.12.2013 um 08:09:10 unerwartet heruntergefahren.
Error: (12/22/2013 08:27:48 AM) (Source: ipnathlp) (User: )
Description: 192.168.2.105192.168.137.0255.255.255.0
Error: (12/22/2013 07:38:09 AM) (Source: ipnathlp) (User: )
Description: 192.168.2.105192.168.137.0255.255.255.0
Error: (12/22/2013 07:38:09 AM) (Source: ipnathlp) (User: )
Description:
Error: (12/22/2013 07:37:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (12/22/2013 09:36:15 AM) (Source: Application Error)(User: )
Description: WizardGraphicalClient.exe0.0.0.052336c60ntdll.dll6.2.9200.16578515fac6ec000000500057431146401cefeea00e348cbC:\ProgramData\Wizard101(DE)\Bin\WizardGraphicalClient.exeC:\Windows\SYSTEM32\ntdll.dll1e806fc2-6ae4-11e3-bef2-b888e3bf3538
Error: (12/21/2013 11:41:34 AM) (Source: Application Hang)(User: )
Description: Skype.exe6.11.0.102bb401cefe1c4608431860000C:\Program Files (x86)\Skype\Phone\Skype.exe293e3396-6a2c-11e3-beef-b888e3bf3538
Error: (12/20/2013 05:02:11 AM) (Source: ESENT)(User: )
Description: taskhostex2820C:\Users\marc\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (12/20/2013 05:01:09 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/19/2013 06:41:59 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/19/2013 05:19:22 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.11.0.102191801cefcd5dd870b524294967295C:\Program Files (x86)\Skype\Phone\Skype.exe4c5150fa-68c9-11e3-bee9-b888e3bf3538
Error: (12/17/2013 04:08:10 PM) (Source: Application Hang)(User: )
Description: chrome.exe31.0.1650.6310e001cefb37bd98eb2a29C:\Program Files (x86)\Google\Chrome\Application\chrome.exe02fb329c-672d-11e3-bee4-b888e3bf3538
Error: (12/14/2013 09:36:54 PM) (Source: Application Hang)(User: )
Description: javaw.exe7.0.450.187f401cef8f0b2a78b144294967295C:\Program Files\Java\jre7\bin\javaw.exe7147db3b-64ff-11e3-bedb-fc36370772d3
Error: (12/12/2013 02:36:19 PM) (Source: Application Hang)(User: )
Description: CamtasiaStudio.exe7.0.1.10614a001cef73ec9c4b9394294967295C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe610a0169-6332-11e3-beda-b888e3bf3538
Error: (12/10/2013 06:38:47 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.11.0.102163c01cef5cbfeb1824e60000C:\Program Files (x86)\Skype\Phone\Skype.exec0983248-61c1-11e3-bed5-cc1f14ab1055
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 3911.27 MB
Available physical RAM: 2586.49 MB
Total Pagefile: 7879.27 MB
Available Pagefile: 6195.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:446.19 GB) (Free:251.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: E88FEB6F)
Partition: GPT Partition Type
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
