Thank you very much for your reply!! Here are the corresponding logs.
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 01
Ran by ele (administrator) on ELE-PC on 15-01-2014 20:50:07
Running from C:\Users\ele\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) ===================
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\CoolPic\ExtensionUpdaterService.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Insyde Software Corp.) C:\Program Files\Acer\Android Manager\iSync.exe
(Insyde Software Corp.) C:\Program Files\Acer\Updater\iUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Dropbox, Inc.) C:\Users\ele\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Spotify Ltd) C:\Users\ele\AppData\Roaming\Spotify\spotify.exe
() C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
() C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Tweaking.com) C:\Users\ele\Desktop\Tweaking.com - Windows Repair\Repair_Windows.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [960080 2010-05-25] (Dritek System Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9292392 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SuiteTray] - C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [EgisUpdate] - C:\Program Files\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM\...\Run: [EgisTecPMMUpdate] - C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] - C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
HKLM\...\Run: [iSyncData] - C:\Program Files\Acer\Android Manager\iSync.exe [407416 2010-01-08] (Insyde Software Corp.)
HKLM\...\Run: [AndroidManager] - C:\Program Files\Acer\Android Manager\AML.exe [508280 2010-01-08] ()
HKLM\...\Run: [iPatchData] - C:\Program Files\Acer\Updater\iUpdate.exe [490872 2010-01-08] (Insyde Software Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715296 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [PMBVolumeWatcher] - C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2359832 2013-10-29] (Sony Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\ele\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\ele\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files\Acer\Screensaver\run_Acer.exe /default
Startup: C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE514DE514
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\ele\AppData\Roaming\Mozilla\Firefox\Profiles\dwrpzpr6.default
FF user.js: detected! => C:\Users\ele\AppData\Roaming\Mozilla\Firefox\Profiles\dwrpzpr6.default\user.js
FF NewTab: hxxp://www.dosearches.com/newtab/?utm_source=b&utm_medium=vit&utm_campaign=eXQ&utm_content=nt&from=vit&uid=WDCXWD2500BEVT-22A23T0_WD-WX21A60P9329P9329&ts=1383250214
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-02-18]
FF HKCU\...\Firefox\Extensions: [{81b13b5d-fba1-49fd-9a6b-189483ac548a}] - C:\Program Files\Pass-Widget\134.xpi
FF Extension: PassWidget - C:\Program Files\Pass-Widget\134.xpi [2013-10-31]
========================== Services (Whitelisted) =================
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-26] (Avira Operations GmbH & Co. KG)
R2 CoolPic Updater; C:\Program Files\CoolPic\ExtensionUpdaterService.exe [185856 2013-10-08] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [735776 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-29] (Sony Corporation)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
==================== Drivers (Whitelisted) ====================
R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [57944 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-26] (Avira Operations GmbH & Co. KG)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 EUCR; C:\Windows\System32\DRIVERS\EUCR6SK.SYS [82768 2010-06-17] (ENE Technology Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-03] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-03] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-03] (Egis Technology Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-15 20:50 - 2014-01-15 20:52 - 00015236 _____ C:\Users\ele\Desktop\FRST.txt
2014-01-15 20:49 - 2014-01-15 20:49 - 01220608 _____ (Farbar) C:\Users\ele\Desktop\FRST.exe
2014-01-15 10:14 - 2014-01-15 10:14 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ELE-PC-Microsoft-Windows-7-Starter-(32-bit).dat
2014-01-15 00:48 - 2014-01-15 00:48 - 00000000 ____D C:\RegBackup
2014-01-14 22:25 - 2014-01-14 22:27 - 00000000 ____D C:\Users\ele\Desktop\Tweaking.com - Windows Repair
2014-01-14 22:10 - 2014-01-14 22:10 - 00145368 _____ C:\Windows\Minidump\011414-27814-01.dmp
2014-01-14 22:06 - 2014-01-14 22:06 - 00000000 ____D C:\FRST
2014-01-14 22:05 - 2014-01-14 22:05 - 00000000 _____ C:\Users\ele\defogger_reenable
2014-01-08 00:34 - 2014-01-08 00:34 - 00063572 _____ C:\Users\ele\Desktop\OTL.Txt2.txt
2014-01-08 00:25 - 2014-01-08 00:25 - 00042892 _____ C:\Users\ele\Desktop\Extras.Txt
2014-01-08 00:22 - 2014-01-08 00:22 - 00063572 _____ C:\Users\ele\Desktop\OTL.Txt
2014-01-07 11:10 - 2014-01-07 11:10 - 00004788 _____ C:\Users\ele\Desktop\a2scan_140106-234026.txt
2014-01-07 00:13 - 2014-01-07 00:13 - 02903255 _____ C:\Users\ele\Desktop\tweaking.com_windows_repair_aio.zip
2014-01-07 00:12 - 2014-01-07 00:13 - 00602112 _____ (OldTimer Tools) C:\Users\ele\Desktop\OTL.exe
2014-01-06 22:15 - 2014-01-06 22:15 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-06 22:13 - 2014-01-14 22:15 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2014-01-06 22:13 - 2014-01-06 22:13 - 00000000 ____D C:\Users\ele\Documents\Anti-Malware
2014-01-06 22:06 - 2014-01-06 22:09 - 235598880 _____ (Emsisoft GmbH ) C:\Users\ele\Desktop\EmsisoftAntiMalwareSetup.exe
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\Users\ele\AppData\Roaming\Malwarebytes
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-06 22:04 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-06 22:03 - 2014-01-06 22:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ele\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-06 21:47 - 2014-01-06 21:47 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-06 10:30 - 2014-01-06 21:45 - 00001981 _____ C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-01-04 18:45 - 2014-01-04 18:48 - 00000000 ____D C:\Windows\A358F2F62500420C989C25C4F22DF51E.TMP
2014-01-04 18:42 - 2014-01-06 22:03 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-01-04 18:42 - 2013-12-20 03:23 - 00000000 ____D C:\Users\ele\Desktop\SpyHunter 4.1.11.0 + Crackk
2014-01-04 18:41 - 2014-01-04 18:41 - 00000000 ____D C:\Users\ele\AppData\Roaming\WinRAR
2014-01-04 18:40 - 2014-01-04 18:40 - 00000000 ____D C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-04 18:40 - 2014-01-04 18:40 - 00000000 ____D C:\Program Files\WinRAR
2014-01-02 19:35 - 2014-01-04 18:42 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-30 03:06 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-30 03:06 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-30 03:02 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-30 03:02 - 2013-10-25 05:45 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-30 03:02 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-30 03:02 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-30 03:02 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-30 03:02 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-30 02:35 - 2013-12-30 02:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-29 20:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-26 00:57 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-26 00:57 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-26 00:57 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-26 00:57 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-26 00:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-26 00:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-26 00:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-26 00:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-26 00:56 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-26 00:56 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-26 00:47 - 2013-12-26 14:39 - 106980217 _____ C:\Windows\system32\㥭�ᨬ_
==================== One Month Modified Files and Folders =======
2014-01-15 20:52 - 2014-01-15 20:50 - 00015236 _____ C:\Users\ele\Desktop\FRST.txt
2014-01-15 20:49 - 2014-01-15 20:49 - 01220608 _____ (Farbar) C:\Users\ele\Desktop\FRST.exe
2014-01-15 20:47 - 2012-12-12 19:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 20:47 - 2012-12-11 17:45 - 01563494 _____ C:\Windows\WindowsUpdate.log
2014-01-15 20:37 - 2012-12-11 23:52 - 00000000 ____D C:\Users\ele\AppData\Roaming\Spotify
2014-01-15 10:21 - 2012-12-11 23:53 - 00000000 ____D C:\Users\ele\AppData\Local\Spotify
2014-01-15 10:14 - 2014-01-15 10:14 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ELE-PC-Microsoft-Windows-7-Starter-(32-bit).dat
2014-01-15 00:48 - 2014-01-15 00:48 - 00000000 ____D C:\RegBackup
2014-01-14 22:28 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-14 22:28 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-14 22:27 - 2014-01-14 22:25 - 00000000 ____D C:\Users\ele\Desktop\Tweaking.com - Windows Repair
2014-01-14 22:21 - 2012-12-11 23:58 - 00000000 ____D C:\Users\ele\AppData\Roaming\Dropbox
2014-01-14 22:19 - 2012-12-12 00:02 - 00000000 ___RD C:\Users\ele\Dropbox
2014-01-14 22:15 - 2014-01-06 22:13 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2014-01-14 22:11 - 2013-10-31 21:10 - 00000364 _____ C:\Windows\Tasks\PassWidget Update.job
2014-01-14 22:11 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-14 22:11 - 2009-07-14 05:39 - 00055386 _____ C:\Windows\setupact.log
2014-01-14 22:10 - 2014-01-14 22:10 - 00145368 _____ C:\Windows\Minidump\011414-27814-01.dmp
2014-01-14 22:10 - 2013-02-28 13:47 - 226779512 _____ C:\Windows\MEMORY.DMP
2014-01-14 22:10 - 2013-02-28 13:47 - 00000000 ____D C:\Windows\Minidump
2014-01-14 22:06 - 2014-01-14 22:06 - 00000000 ____D C:\FRST
2014-01-14 22:05 - 2014-01-14 22:05 - 00000000 _____ C:\Users\ele\defogger_reenable
2014-01-14 22:05 - 2012-12-11 20:09 - 00000000 ____D C:\Users\ele
2014-01-08 00:34 - 2014-01-08 00:34 - 00063572 _____ C:\Users\ele\Desktop\OTL.Txt2.txt
2014-01-08 00:25 - 2014-01-08 00:25 - 00042892 _____ C:\Users\ele\Desktop\Extras.Txt
2014-01-08 00:22 - 2014-01-08 00:22 - 00063572 _____ C:\Users\ele\Desktop\OTL.Txt
2014-01-07 11:11 - 2013-10-31 21:10 - 00000000 ____D C:\Program Files\Pass-Widget
2014-01-07 11:10 - 2014-01-07 11:10 - 00004788 _____ C:\Users\ele\Desktop\a2scan_140106-234026.txt
2014-01-07 05:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2014-01-07 00:13 - 2014-01-07 00:13 - 02903255 _____ C:\Users\ele\Desktop\tweaking.com_windows_repair_aio.zip
2014-01-07 00:13 - 2014-01-07 00:12 - 00602112 _____ (OldTimer Tools) C:\Users\ele\Desktop\OTL.exe
2014-01-06 23:15 - 2012-12-11 17:42 - 00127844 _____ C:\Windows\PFRO.log
2014-01-06 23:11 - 2013-10-31 21:10 - 00000000 ____D C:\Program Files\CoolPic
2014-01-06 22:15 - 2014-01-06 22:15 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-06 22:13 - 2014-01-06 22:13 - 00000000 ____D C:\Users\ele\Documents\Anti-Malware
2014-01-06 22:09 - 2014-01-06 22:06 - 235598880 _____ (Emsisoft GmbH ) C:\Users\ele\Desktop\EmsisoftAntiMalwareSetup.exe
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\Users\ele\AppData\Roaming\Malwarebytes
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-06 22:04 - 2014-01-06 22:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-06 22:03 - 2014-01-06 22:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ele\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-06 22:03 - 2014-01-04 18:42 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-01-06 21:47 - 2014-01-06 21:47 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-06 21:45 - 2014-01-06 10:30 - 00001981 _____ C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-01-06 20:59 - 2010-07-01 13:31 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 10:27 - 2012-12-11 23:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-04 18:48 - 2014-01-04 18:45 - 00000000 ____D C:\Windows\A358F2F62500420C989C25C4F22DF51E.TMP
2014-01-04 18:42 - 2014-01-02 19:35 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2014-01-04 18:41 - 2014-01-04 18:41 - 00000000 ____D C:\Users\ele\AppData\Roaming\WinRAR
2014-01-04 18:40 - 2014-01-04 18:40 - 00000000 ____D C:\Users\ele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-04 18:40 - 2014-01-04 18:40 - 00000000 ____D C:\Program Files\WinRAR
2013-12-30 03:34 - 2009-07-14 05:33 - 00285496 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-30 03:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-30 02:35 - 2013-12-30 02:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-26 14:39 - 2013-12-26 00:47 - 106980217 _____ C:\Windows\system32\㥭�ᨬ_
2013-12-26 14:38 - 2013-05-09 14:15 - 00069240 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-26 14:38 - 2012-12-12 00:49 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-26 14:38 - 2012-12-12 00:49 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-26 14:38 - 2012-12-12 00:49 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-26 00:48 - 2012-12-12 19:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-26 00:48 - 2012-12-12 19:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-20 03:23 - 2014-01-04 18:42 - 00000000 ____D C:\Users\ele\Desktop\SpyHunter 4.1.11.0 + Crackk
Some content of TEMP:
====================
C:\Users\ele\AppData\Local\Temp\227400-659614-picture-motion-browser.exe
C:\Users\ele\AppData\Local\Temp\avgnt.exe
C:\Users\ele\AppData\Local\Temp\GLFCE19.EXE
C:\Users\ele\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 02:51
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 01
Ran by ele at 2014-01-15 20:53:45
Running from C:\Users\ele\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
==================== Installed Programs ======================
7-Zip 9.20 (Version: - )
Acer Crystal Eye webcam (Version: 4.0.2.1 - Liteon)
Acer ePower Management (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (Version: 1.03.3003 - Acer Incorporated)
Acer Updater (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
Amazonia (Version: - Oberon Media)
AndroidInstaller (Version: 1.00.022 - Ihr Firmenname) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.31 - Atheros Communications Inc.)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
Cake Mania (Version: - Oberon Media)
CoolPic 2.0.0.429 (Version: 2.0.0.429 - Bitcoktail)
Dream Day First Home (Version: - Oberon Media)
Dropbox (Version: 2.0.22 - Dropbox, Inc.)
Emsisoft Anti-Malware (Version: 8.1 - Emsisoft GmbH)
ENE USB Card Reader Driver (Version: 5.89.0.70 - ENE)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
f4 3.1.0 (Version: 3.1.0 - MAXqda)
Farm Frenzy 2 (Version: - Oberon Media)
Galapago (Version: - Oberon Media)
Heroes of Hellas (Version: - Oberon Media)
Identity Card (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2117 - Intel Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Java 7 Update 9 (Version: 7.0.90 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (Version: 4.0.10 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Merriam Websters Spell Jam (Version: - Oberon Media)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
OpenOffice.org 3.4.1 (Version: 3.41.9593 - Apache Software Foundation)
PassWidget (Version: - PassWidget Software)
PDF Architect (Version: 1.0.52.8917 - pdfforge)
PDFCreator (Version: 1.6.2 - pdfforge)
PlayMemories Home (Version: 8.0.10.10290 - Sony Corporation)
Poker Pop (Version: - Oberon Media)
Realtek High Definition Audio Driver (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SOHLib for PlayMemories Home (Version: 1.0.0.09130 - Sony Corporation) Hidden
Spin & Win (Version: - Oberon Media)
Spotify (Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (Version: 15.0.7.0 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
VLC media player 2.0.4 (Version: 2.0.4 - VideoLAN)
Welcome Center (Version: 1.02.3002 - Acer Incorporated)
Windows Live Anmelde-Assistent (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (Version: 5.01.0 - win.rar GmbH)
Wise Registry Cleaner 7.71 (Version: 7.71 - WiseCleaner.com, Inc.)
Wsys Control 10.2.1.2652 (Version: 10.2.1.2652 - Wsys Co., Ltd.) <==== ATTENTION
==================== Restore Points =========================
05-11-2013 10:38:31 eBay Worldwide wird entfernt
15-11-2013 11:40:11 Windows Update
18-11-2013 21:17:29 Windows Modules Installer
25-11-2013 19:54:42 Windows Update
25-12-2013 23:51:37 Windows Update
29-12-2013 19:24:29 Windows Update
30-12-2013 02:00:44 Windows Update
02-01-2014 18:05:26 Windows Update
02-01-2014 18:36:06 Installed SpyHunter
04-01-2014 17:42:51 Installed SpyHunter
04-01-2014 17:59:38 Installed SpyHunter
04-01-2014 18:04:17 Installed SpyHunter
06-01-2014 19:56:27 Removed SpyHunter
06-01-2014 20:25:47 Removed SpyHunter
06-01-2014 20:27:19 Removed SpyHunter
06-01-2014 20:46:39 Installed SpyHunter
06-01-2014 20:59:20 Removed SpyHunter
07-01-2014 05:51:38 Windows Update
13-01-2014 20:55:18 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {2204F2E1-B1D4-4F8B-A15D-1DBD6497BCC9} - System32\Tasks\PassWidget Update => C:\Program Files\Pass-Widget\PassWidget_.exe
Task: {2D6DC5C1-B12D-413A-855E-D6DDA0094FBF} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-09-12] (Sony Corporation)
Task: {5066D60F-A6FC-44AF-BE70-19B4473B7515} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-26] (Adobe Systems Incorporated)
Task: {BE683D90-7346-4385-A5E3-99B6D166B745} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PassWidget Update.job => C:\Program Files\Pass-Widget\PassWidget_.exe
==================== Loaded Modules (whitelisted) =============
2010-07-01 14:14 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
2010-04-06 08:55 - 2010-04-06 08:55 - 00410624 _____ () C:\Program Files\Acer\Android Manager\DEU.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\ele\AppData\Roaming\Dropbox\bin\libcef.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2012-12-11 23:53 - 2014-01-14 22:19 - 36967424 _____ () C:\Users\ele\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-09 17:02 - 2014-01-14 22:19 - 00887808 _____ () C:\Users\ele\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-09 17:02 - 2014-01-14 22:19 - 00109568 _____ () C:\Users\ele\AppData\Roaming\Spotify\Data\libegl.dll
2013-09-12 01:52 - 2013-09-12 01:52 - 02244504 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2013-09-12 01:52 - 2013-09-12 01:52 - 00158104 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2013-09-12 01:52 - 2013-09-12 01:52 - 00022424 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-12-30 02:35 - 2013-12-30 02:35 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-26 00:48 - 2013-12-26 00:48 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:E3C56885
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/14/2014 10:21:12 PM) (Source: MsiInstaller) (User: ele-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (01/14/2014 10:19:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SpfService.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684be0
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005d032
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xSpfService.exe0
Pfad der fehlerhaften Anwendung: SpfService.exe1
Pfad des fehlerhaften Moduls: SpfService.exe2
Berichtskennung: SpfService.exe3
Error: (01/07/2014 05:17:03 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (01/04/2014 05:34:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.34.0, Zeitstempel: 0x4b97a6a2
Name des fehlerhaften Moduls: netprofm.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bda75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002505
ID des fehlerhaften Prozesses: 0xee8
Startzeit der fehlerhaften Anwendung: 0xPmmUpdate.exe0
Pfad der fehlerhaften Anwendung: PmmUpdate.exe1
Pfad des fehlerhaften Moduls: PmmUpdate.exe2
Berichtskennung: PmmUpdate.exe3
Error: (01/02/2014 09:34:17 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1d20
Startzeit: 01cf07ebc3ee0bd7
Endzeit: 3295
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 2555180c-73ed-11e3-ac3e-88ae1d6c7d8d
Error: (11/26/2013 10:02:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: lollipop_11262046.exe, Version: 0.0.0.0, Zeitstempel: 0x4cf94c7e
Name des fehlerhaften Moduls: lollipop_11262046.exe, Version: 0.0.0.0, Zeitstempel: 0x4cf94c7e
Ausnahmecode: 0x40000015
Fehleroffset: 0x000053e0
ID des fehlerhaften Prozesses: 0x1aa0
Startzeit der fehlerhaften Anwendung: 0xlollipop_11262046.exe0
Pfad der fehlerhaften Anwendung: lollipop_11262046.exe1
Pfad des fehlerhaften Moduls: lollipop_11262046.exe2
Berichtskennung: lollipop_11262046.exe3
Error: (11/26/2013 00:25:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SpfService.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684be0
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c3873
ID des fehlerhaften Prozesses: 0x2cc
Startzeit der fehlerhaften Anwendung: 0xSpfService.exe0
Pfad der fehlerhaften Anwendung: SpfService.exe1
Pfad des fehlerhaften Moduls: SpfService.exe2
Berichtskennung: SpfService.exe3
Error: (11/18/2013 10:13:56 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (11/12/2013 11:50:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Adobe_Updater.exe, Version: 6.2.0.1474, Zeitstempel: 0x49661cac
Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72012505
ID des fehlerhaften Prozesses: 0x1d90
Startzeit der fehlerhaften Anwendung: 0xAdobe_Updater.exe0
Pfad der fehlerhaften Anwendung: Adobe_Updater.exe1
Pfad des fehlerhaften Moduls: Adobe_Updater.exe2
Berichtskennung: Adobe_Updater.exe3
Error: (11/07/2013 06:28:55 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: AUSNAHMEFEHLER beim Aufruf der Funktion IThread(ProtocolSrvConThread)::run() für die Datei
unknown
[ACCESS_VIOLATION Exception!! EIP = 0x62298fdc]
Bitte Avira informieren und die obige Datei übersenden!
System errors:
=============
Error: (01/15/2014 07:37:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/15/2014 10:21:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.
Error: (01/15/2014 10:19:50 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/15/2014 10:08:24 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (01/15/2014 10:07:27 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/14/2014 10:20:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/14/2014 10:19:53 PM) (Source: DCOM) (User: )
Description: {A13E129C-F190-4B14-9AD5-A6C09004E43E}
Error: (01/14/2014 10:19:23 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/14/2014 10:11:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126
Error: (01/14/2014 10:11:20 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 14.01.2014 um 22:08:50 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (01/14/2014 10:21:12 PM) (Source: MsiInstaller)(User: ele-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011006}1625(NULL)(NULL)(NULL)
Error: (01/14/2014 10:19:03 PM) (Source: Application Error)(User: )
Description: SpfService.exe1.3.0.90904e684be0ntdll.dll6.1.7601.18247521ea91cc00000050005d03272401cf116e2497d6e2C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exeC:\Windows\SYSTEM32\ntdll.dll7db4de8b-7d61-11e3-a9b9-46ac4c2fc046
Error: (01/07/2014 05:17:03 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (01/04/2014 05:34:13 PM) (Source: Application Error)(User: )
Description: PmmUpdate.exe1.1.34.04b97a6a2netprofm.dll6.1.7600.163854a5bda75c000000500002505ee801cf0507f7dd2127C:\Program Files\EgisTec IPS\PmmUpdate.exeC:\Windows\System32\netprofm.dll0b40090a-755e-11e3-ac3e-88ae1d6c7d8d
Error: (01/02/2014 09:34:17 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.50871d2001cf07ebc3ee0bd73295C:\Program Files\Mozilla Firefox\firefox.exe2555180c-73ed-11e3-ac3e-88ae1d6c7d8d
Error: (11/26/2013 10:02:26 PM) (Source: Application Error)(User: )
Description: lollipop_11262046.exe0.0.0.04cf94c7elollipop_11262046.exe0.0.0.04cf94c7e40000015000053e01aa001ceeae89675d82aC:\Users\ele\AppData\Local\Lollipop\lollipop_11262046.exeC:\Users\ele\AppData\Local\Lollipop\lollipop_11262046.exe0cd192d1-56de-11e3-abe5-88ae1d6c7d8d
Error: (11/26/2013 00:25:34 PM) (Source: Application Error)(User: )
Description: SpfService.exe1.3.0.90904e684be0ntdll.dll6.1.7601.18247521ea91cc0000374000c38732cc01cee4a55cab842aC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exeC:\Windows\SYSTEM32\ntdll.dll76cc71df-568d-11e3-abe5-88ae1d6c7d8d
Error: (11/18/2013 10:13:56 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (11/12/2013 11:50:14 PM) (Source: Application Error)(User: )
Description: Adobe_Updater.exe6.2.0.147449661cacnetprofm.dll_unloaded0.0.0.04a5bda75c0000005720125051d9001cedbdf0756dba2C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exenetprofm.dllca3c7885-4bec-11e3-aacb-88ae1d6c7d8d
Error: (11/07/2013 06:28:55 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: unknownACCESS_VIOLATION0x62298fdcIThread(ProtocolSrvConThread)::run()
CodeIntegrity Errors:
===================================
Date: 2013-03-13 10:31:41.925
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-13 10:31:41.558
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-13 10:08:43.187
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-13 10:08:42.573
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 92%
Total physical RAM: 1013.1 MB
Available physical RAM: 78.05 MB
Total Pagefile: 2655.88 MB
Available Pagefile: 319.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1923.44 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:215.79 GB) (Free:107.22 GB) NTFS
Drive d: () (Fixed) (Total:4 GB) (Free:2.66 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: F76B5194)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Not Active) - (Size=4 GB) - (Type=0C)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=216 GB) - (Type=OF Extended)
==================== End Of Log ============================