dermister | 05.02.2014 22:19 | wow, things move fast here, nice.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by fabian(administrator) on FABIAN-PC on 05-02-2014 17:47:48
Running from C:\Users\fabian\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(MySQL, Inc.) C:\ProgramData\8CIOQVez.exe
(Formosa Soft Inc. www.formosasoft.com) C:\Users\fabian\AppData\Local\gcltyjkvumwd.exe
(Dropbox, Inc.) C:\Users\fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2776872 2011-08-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10357008 2011-10-18] (Intel Corporation)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [1208320 2010-12-17] ()
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [305088 2011-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [Google Update] - C:\Users\fabian\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-04-10] (Google Inc.)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [MusicManager] - C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-12] (Google Inc.)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [8CIOQVez] - C:\ProgramData\8CIOQVez.exe [428032 2014-02-05] (MySQL, Inc.)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\Run: [cdrhvqs] - C:\Users\fabian\AppData\Local\gcltyjkvumwd.exe [189952 2014-02-05] (Formosa Soft Inc. www.formosasoft.com)
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\MountPoints2: D - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\MountPoints2: {42f18b84-19e8-11e3-8693-d7546356d475} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-454197360-789761907-2218566396-1000\...\MountPoints2: {42f18b8d-19e8-11e3-8693-d7546356d475} - D:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Users\fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\fabian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
URLSearchHook: HKCU - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF ProfilePath: C:\Users\fabian\AppData\Roaming\Mozilla\Firefox\Profiles\wrxm4sch.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @FortinetCacheClean - C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl - C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll (Fortinet Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @FortinetCacheClean - C:\Users\fabian\AppData\Roaming\Fortinet\SslvpnClient\npccplugin.dll (Fortinet Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\fabian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\fabian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Save now - C:\Users\fabian\AppData\Roaming\Mozilla\Firefox\Profiles\wrxm4sch.default\Extensions\507bdb1404926@507bdb140495f.com.xpi [2012-10-15]
FF Extension: Adblock Plus - C:\Users\fabian\AppData\Roaming\Mozilla\Firefox\Profiles\wrxm4sch.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-24]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-02-05]
Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-15]
CHR Extension: (YouTube) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google-Suche) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (AdBlock) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-11-15]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-12-24]
CHR Extension: (Google Wallet) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKCU\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\fabian\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-07-15]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\fabian\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-07-15]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FortiSslvpnDaemon; C:\windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2013-09-19] (Fortinet Inc.)
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-12-17] ()
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [184320 2011-07-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-15] (Intel Corporation)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 SBIOSIO; \??\C:\Users\fabian\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-05 17:47 - 2014-02-05 17:48 - 00025837 _____ () C:\Users\fabian\Desktop\FRST.txt
2014-02-05 17:47 - 2014-02-05 17:47 - 00000000 ___SH () C:\DkHyperbootSync
2014-02-05 17:47 - 2014-02-05 17:47 - 00000000 ____D () C:\FRST
2014-02-05 17:46 - 2014-02-05 17:46 - 02080256 _____ (Farbar) C:\Users\fabian\Desktop\FRST64.exe
2014-02-05 16:37 - 2014-02-05 16:37 - 00189952 _____ (Formosa Soft Inc. www.formosasoft.com) C:\Users\fabian\AppData\Local\gcltyjkvumwd.exe
2014-02-05 16:35 - 2014-02-05 16:35 - 00428032 ____H (MySQL, Inc.) C:\ProgramData\8CIOQVez.exe
2014-02-03 16:10 - 2014-02-03 16:10 - 00005459 _____ () C:\Users\fabian\Downloads\New.Girl.S03E14.HDTV.x264-LOL.[eztv].torrent
2014-01-31 16:53 - 2014-01-31 16:53 - 00008089 _____ () C:\Users\fabian\Downloads\Two.and.a.Half.Men.S11E13.HDTV.x264-LOL.[eztv].torrent
2014-01-31 16:52 - 2014-01-31 16:52 - 00006190 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E14.HDTV.x264-LOL.[eztv].torrent
2014-01-31 16:52 - 2014-01-31 16:52 - 00006190 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E14.HDTV.x264-LOL.[eztv] (1).torrent
2014-01-29 11:32 - 2014-01-29 11:32 - 00015464 _____ () C:\Users\fabian\Downloads\Spanisch Zamfassa Endklausur (1).xlsx
2014-01-28 18:24 - 2014-01-28 18:24 - 00268056 _____ () C:\windows\Minidump\012814-26972-01.dmp
2014-01-28 16:25 - 2014-01-28 16:25 - 00015464 _____ () C:\Users\fabian\Downloads\Spanisch Zamfassa Endklausur.xlsx
2014-01-28 16:25 - 2014-01-28 16:25 - 00000165 ____H () C:\Users\fabian\Downloads\~$Spanisch Zamfassa Endklausur.xlsx
2014-01-20 20:27 - 2014-01-20 20:27 - 00266824 _____ () C:\windows\Minidump\012014-17440-01.dmp
2014-01-17 13:59 - 2014-01-17 13:59 - 00021331 _____ () C:\Users\fabian\Downloads\C7C4A3B9DECD4EF5A462099CE121AB799F78AAF5.torrent
2014-01-16 19:42 - 2014-01-16 19:42 - 00033423 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E02.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv].torrent
2014-01-16 19:41 - 2014-01-16 19:41 - 00031103 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E01.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv] (1).torrent
2014-01-15 19:08 - 2014-01-15 19:08 - 00031103 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E01.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv].torrent
2014-01-15 17:15 - 2014-01-15 17:15 - 00000000 ____D () C:\Users\fabian\AppData\Local\{7BD4AA42-A7E0-4C3B-8643-2917AD633514}
2014-01-15 12:04 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 12:04 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 12:04 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 12:04 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-13 10:28 - 2014-01-13 10:28 - 00446736 _____ () C:\Users\fabian\Downloads\Episodes_S03E01_Episode_one_HDTV_XViD-DOT[ettv]_mp4.exe
2014-01-10 15:14 - 2014-01-10 15:14 - 00007372 _____ () C:\Users\fabian\Downloads\Two.and.a.Half.Men.S11E12.HDTV.x264-LOL.[eztv].torrent
2014-01-10 15:14 - 2014-01-10 15:14 - 00006853 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E13.HDTV.x264-LOL.[eztv].torrent
2014-01-09 11:06 - 2014-01-09 11:06 - 00049525 _____ () C:\Users\fabian\Downloads\Modern.Family.S05E11.720p.HDTV.x264-REMARKABLE[rarbg].torrent
2014-01-09 11:05 - 2014-01-09 11:05 - 00003821 _____ () C:\Users\fabian\Downloads\2A6A9CB70D6B59DE77C08F01779D58FE179C431E.torrent
==================== One Month Modified Files and Folders =======
2014-02-05 17:48 - 2014-02-05 17:47 - 00025837 _____ () C:\Users\fabian\Desktop\FRST.txt
2014-02-05 17:47 - 2014-02-05 17:47 - 00000000 ___SH () C:\DkHyperbootSync
2014-02-05 17:47 - 2014-02-05 17:47 - 00000000 ____D () C:\FRST
2014-02-05 17:47 - 2013-04-10 12:40 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000UA.job
2014-02-05 17:47 - 2011-12-28 01:06 - 01936115 _____ () C:\windows\WindowsUpdate.log
2014-02-05 17:46 - 2014-02-05 17:46 - 02080256 _____ (Farbar) C:\Users\fabian\Desktop\FRST64.exe
2014-02-05 17:38 - 2013-07-15 10:43 - 00550400 ___SH () C:\Users\fabian\Desktop\Thumbs.db
2014-02-05 17:36 - 2013-02-26 15:50 - 00000000 ____D () C:\Users\fabian\AppData\Roaming\Dropbox
2014-02-05 17:08 - 2009-07-14 05:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 17:08 - 2009-07-14 05:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 17:03 - 2013-02-26 15:53 - 00000000 ___RD () C:\Users\fabian\Dropbox
2014-02-05 17:03 - 2011-11-20 06:47 - 00654400 _____ () C:\windows\system32\perfh007.dat
2014-02-05 17:03 - 2011-11-20 06:47 - 00130240 _____ () C:\windows\system32\perfc007.dat
2014-02-05 17:03 - 2009-07-14 06:13 - 01498742 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-05 16:59 - 2012-11-15 14:15 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-05 16:59 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-05 16:59 - 2009-07-14 05:51 - 00148074 _____ () C:\windows\setupact.log
2014-02-05 16:52 - 2012-11-15 14:15 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 16:49 - 2012-07-24 18:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 16:37 - 2014-02-05 16:37 - 00189952 _____ (Formosa Soft Inc. www.formosasoft.com) C:\Users\fabian\AppData\Local\gcltyjkvumwd.exe
2014-02-05 16:35 - 2014-02-05 16:35 - 00428032 ____H (MySQL, Inc.) C:\ProgramData\8CIOQVez.exe
2014-02-04 23:25 - 2012-07-24 18:32 - 00000000 ____D () C:\Users\fabian\AppData\Roaming\BitTorrent
2014-02-04 22:50 - 2012-07-30 19:14 - 00000000 ____D () C:\Users\fabian\Desktop\filme&serien
2014-02-03 22:01 - 2012-07-30 20:55 - 00000000 ____D () C:\Users\fabian\AppData\Roaming\vlc
2014-02-03 16:10 - 2014-02-03 16:10 - 00005459 _____ () C:\Users\fabian\Downloads\New.Girl.S03E14.HDTV.x264-LOL.[eztv].torrent
2014-02-03 15:47 - 2013-04-10 12:40 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000Core.job
2014-02-03 14:29 - 2012-07-24 13:20 - 00000000 ____D () C:\Users\fabian\Desktop\Dokumente
2014-01-31 16:53 - 2014-01-31 16:53 - 00008089 _____ () C:\Users\fabian\Downloads\Two.and.a.Half.Men.S11E13.HDTV.x264-LOL.[eztv].torrent
2014-01-31 16:52 - 2014-01-31 16:52 - 00006190 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E14.HDTV.x264-LOL.[eztv].torrent
2014-01-31 16:52 - 2014-01-31 16:52 - 00006190 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E14.HDTV.x264-LOL.[eztv] (1).torrent
2014-01-29 11:32 - 2014-01-29 11:32 - 00015464 _____ () C:\Users\fabian\Downloads\Spanisch Zamfassa Endklausur (1).xlsx
2014-01-29 11:32 - 2012-10-03 19:28 - 00000000 ____D () C:\Users\fabian\Desktop\fh bfi
2014-01-29 11:31 - 2012-07-24 13:20 - 00000000 ____D () C:\Users\fabian\Desktop\SDL
2014-01-28 18:24 - 2014-01-28 18:24 - 00268056 _____ () C:\windows\Minidump\012814-26972-01.dmp
2014-01-28 18:24 - 2013-11-01 20:58 - 00000000 ____D () C:\windows\Minidump
2014-01-28 18:24 - 2013-11-01 20:57 - 1507973493 _____ () C:\windows\MEMORY.DMP
2014-01-28 16:25 - 2014-01-28 16:25 - 00015464 _____ () C:\Users\fabian\Downloads\Spanisch Zamfassa Endklausur.xlsx
2014-01-28 16:25 - 2014-01-28 16:25 - 00000165 ____H () C:\Users\fabian\Downloads\~$Spanisch Zamfassa Endklausur.xlsx
2014-01-20 20:27 - 2014-01-20 20:27 - 00266824 _____ () C:\windows\Minidump\012014-17440-01.dmp
2014-01-17 13:59 - 2014-01-17 13:59 - 00021331 _____ () C:\Users\fabian\Downloads\C7C4A3B9DECD4EF5A462099CE121AB799F78AAF5.torrent
2014-01-16 19:42 - 2014-01-16 19:42 - 00033423 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E02.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv].torrent
2014-01-16 19:41 - 2014-01-16 19:41 - 00031103 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E01.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv] (1).torrent
2014-01-16 16:40 - 2013-07-31 10:44 - 00637952 ___SH () C:\Users\fabian\Downloads\Thumbs.db
2014-01-15 19:08 - 2014-01-15 19:08 - 00031103 _____ () C:\Users\fabian\Downloads\Orange.Is.The.New.Black.S01E01.720p.WEBRip.AAC2.0.H.264-Abjex.[eztv].torrent
2014-01-15 19:08 - 2012-07-30 20:37 - 00000000 ____D () C:\Users\fabian\Desktop\fotos
2014-01-15 17:15 - 2014-01-15 17:15 - 00000000 ____D () C:\Users\fabian\AppData\Local\{7BD4AA42-A7E0-4C3B-8643-2917AD633514}
2014-01-15 16:35 - 2009-07-14 05:45 - 00409216 _____ () C:\windows\system32\FNTCACHE.DAT
2014-01-15 13:16 - 2012-07-24 18:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 13:15 - 2013-08-19 11:34 - 00000000 ____D () C:\windows\system32\MRT
2014-01-15 13:11 - 2012-09-06 12:48 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-13 10:28 - 2014-01-13 10:28 - 00446736 _____ () C:\Users\fabian\Downloads\Episodes_S03E01_Episode_one_HDTV_XViD-DOT[ettv]_mp4.exe
2014-01-10 15:14 - 2014-01-10 15:14 - 00007372 _____ () C:\Users\fabian\Downloads\Two.and.a.Half.Men.S11E12.HDTV.x264-LOL.[eztv].torrent
2014-01-10 15:14 - 2014-01-10 15:14 - 00006853 _____ () C:\Users\fabian\Downloads\The.Big.Bang.Theory.S07E13.HDTV.x264-LOL.[eztv].torrent
2014-01-09 11:06 - 2014-01-09 11:06 - 00049525 _____ () C:\Users\fabian\Downloads\Modern.Family.S05E11.720p.HDTV.x264-REMARKABLE[rarbg].torrent
2014-01-09 11:05 - 2014-01-09 11:05 - 00003821 _____ () C:\Users\fabian\Downloads\2A6A9CB70D6B59DE77C08F01779D58FE179C431E.torrent
2014-01-09 08:49 - 2013-02-26 15:53 - 00001021 _____ () C:\Users\fabian\Desktop\Dropbox.lnk
2014-01-09 08:49 - 2013-02-26 15:51 - 00000000 ____D () C:\Users\fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 08:49 - 2012-07-24 17:55 - 00000000 ___RD () C:\Users\fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Files to move or delete:
====================
C:\ProgramData\8CIOQVez.exe
Some content of TEMP:
====================
C:\Users\fabian\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-31 19:45
==================== End Of Log ============================
addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by fabian at 2014-02-05 17:48:50
Running from C:\Users\fabian\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Absolute Reminder (x32 Version: 2.0.0.17 - Absolute Software)
Accelerometer (x32 Version: 1.06.08.53 - STMicroelectronics)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Arena 12.0 (CPR 9) (x32 Version: 12.00.00 - Rockwell Automation, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BitTorrent (x32 Version: 7.6.1 - BitTorrent Inc.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Citrix Online Plug-in - Web (x32 Version: 12.1.44.1 - Citrix Systems, Inc.)
Citrix Online Plug-in (DV) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix Online Plug-in (HDX) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix Online Plug-in (USB) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix Online Plug-in (Web) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
CyberLink YouCam (x32 Version: 3.1.4417 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4417 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Easy File Share (x32 Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (x32 Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (x32 Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (Version: 1.2.32 - Samsung Electronics CO., LTD.)
E-POP (x32 Version: 1.0.1 - Samsung)
ETDWare PS/2-X64 10.0.7.3_WHQL (Version: 10.0.7.3 - ELAN Microelectronic Corp.)
ExpressCache (Version: 1.0.86 - Diskeeper Corporation)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Flash Sleep Resume (x32 Version: 1.0.11 - Samsung) Hidden
FortiClient SSLVPN CacheCleaner for FireFox3 v4.0.2294 (x32 Version: 4.0.2294 - Fortinet Inc.)
FortiClient SSLVPN v4.0.2294 (x32 Version: 4.0.2294 - Fortinet Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Alarm (HKCU Version: - )
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.22.0 (x32 Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.5.1001 - Intel Corporation)
Intel(R) WiDi (x32 Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (Version: - )
Intel® PROSet/Wireless WiFi-Software (Version: 15.03.1000.1637 - Intel Corporation)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia POP (x32 Version: 1.1 - )
Music Manager (HKCU Version: - Google, Inc.)
PDF Architect (x32 Version: 1.0.52.8917 - pdfforge)
PDFCreator (x32 Version: 1.6.2 - pdfforge)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PS3 Media Server (x32 Version: 1.82.0 - PS3 Media Server)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (x32 Version: 5.6.0.2 - Samsung Electronics CO., LTD.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
Ski Challenge 13 (CH) (HKCU Version: - )
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Software Launcher (x32 Version: 1.0.2 - Samsung)
SopCast 3.5.0 (x32 Version: 3.5.0 - www.sopcast.com)
SW Update (x32 Version: 2.1.21 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
User Guide (x32 Version: 1.1 - )
VLC media player 2.0.3 (x32 Version: 2.0.3 - VideoLAN)
WildTangent Games (x32 Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
24-01-2014 20:45:55 Windows Update
28-01-2014 12:53:39 Windows Update
31-01-2014 13:24:49 Windows Update
04-02-2014 16:58:22 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0700957C-D252-4987-BC9B-6FA562151680} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {13F7F9F2-0699-491C-970D-591176B4F83D} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe [2011-07-12] (Absolute Software)
Task: {36C243A8-6C7D-42CE-827D-088DCC70EADF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000Core => C:\Users\fabian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-10] (Google Inc.)
Task: {3D105AA7-8AAE-41F1-8792-7A2B7631FCE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {3DDC7709-41FE-4131-A67A-FF09C232D307} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {4B598B96-A021-444F-87AD-4F0F2224A414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {4E5F53C9-20A9-4EB9-82FF-7BFCBC8DFE93} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {4EC922BF-5D27-4127-9367-3E7591248FA6} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {638F447F-286C-4E33-A467-0A5D1D617865} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {A61A2DA4-972D-4F0A-8D34-3887D4F49F60} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {A933B1F2-3DFE-401B-ADB1-AA21B3D87ABD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000UA => C:\Users\fabian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-10] (Google Inc.)
Task: {B36EFC08-6148-4A52-9B0B-642265970E12} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {B3800898-1E19-4971-822C-ABDEC97634AE} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-12-06] (Samsung Electronics CO., LTD.)
Task: {C30D71B5-964F-4364-B44B-F4C8367A3460} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {D1B09894-BE4B-48CE-9C48-490558CD98C0} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {D1B725C3-D9C8-4AA4-AF89-BAF1C801017E} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2011-12-17] (Samsung)
Task: {DE915C59-89AB-40CB-AF42-20BFAC580F0C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {E9BAEDD1-1DD5-446D-960C-A97414C21C33} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000Core.job => C:\Users\fabian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454197360-789761907-2218566396-1000UA.job => C:\Users\fabian\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-12-02 03:27 - 2011-07-26 06:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-12 13:28 - 2013-08-12 11:43 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-02-27 20:33 - 2013-02-27 20:33 - 10683392 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-02-27 20:32 - 2013-02-27 20:32 - 07741952 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-02-27 20:32 - 2013-02-27 20:32 - 02248192 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-02-27 20:33 - 2013-02-27 20:33 - 01681408 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-11-12 02:03 - 2013-11-12 02:03 - 00117248 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2013-11-12 02:04 - 2013-11-12 02:04 - 00231936 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2013-11-12 02:03 - 2013-11-12 02:03 - 00253440 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2013-11-12 02:05 - 2013-11-12 02:05 - 00344064 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-02-27 20:33 - 2013-02-27 20:33 - 00026624 _____ () C:\Users\fabian\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\fabian\AppData\Roaming\Dropbox\bin\libcef.dll
2012-10-10 15:24 - 2006-08-12 11:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2013-10-22 15:20 - 2011-09-08 18:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-02-04 18:06 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 18:06 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 18:06 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 18:06 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 18:06 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-04 18:06 - 2014-02-02 00:42 - 13616456 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\fabian\Downloads\[LOGT-L2] Modul_Privatrecht_Noteneingabeliste_WS2013_Becker_20130805.xlsx (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\fabian\Downloads\[LOGT-L2] Modul_Privatrecht_Noteneingabeliste_WS2013_Becker_20130805.xlsx.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2014 05:00:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieColorEnhancer.exe, Version: 1.0.5.7, Zeitstempel: 0x4f9788e7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x85c
Startzeit der fehlerhaften Anwendung: 0xMovieColorEnhancer.exe0
Pfad der fehlerhaften Anwendung: MovieColorEnhancer.exe1
Pfad des fehlerhaften Moduls: MovieColorEnhancer.exe2
Berichtskennung: MovieColorEnhancer.exe3
Error: (02/05/2014 04:59:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ExpressCacheRun64.exe, Version: 1.0.0.2, Zeitstempel: 0x4df608c1
Name des fehlerhaften Moduls: ecapi64.dll, Version: 1.0.46.0, Zeitstempel: 0x4ddeea46
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000001ae7
ID des fehlerhaften Prozesses: 0x704
Startzeit der fehlerhaften Anwendung: 0xExpressCacheRun64.exe0
Pfad der fehlerhaften Anwendung: ExpressCacheRun64.exe1
Pfad des fehlerhaften Moduls: ExpressCacheRun64.exe2
Berichtskennung: ExpressCacheRun64.exe3
Error: (02/05/2014 04:59:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/05/2014 04:07:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieColorEnhancer.exe, Version: 1.0.5.7, Zeitstempel: 0x4f9788e7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xe84
Startzeit der fehlerhaften Anwendung: 0xMovieColorEnhancer.exe0
Pfad der fehlerhaften Anwendung: MovieColorEnhancer.exe1
Pfad des fehlerhaften Moduls: MovieColorEnhancer.exe2
Berichtskennung: MovieColorEnhancer.exe3
Error: (02/05/2014 04:06:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ExpressCacheRun64.exe, Version: 1.0.0.2, Zeitstempel: 0x4df608c1
Name des fehlerhaften Moduls: ecapi64.dll, Version: 1.0.46.0, Zeitstempel: 0x4ddeea46
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000001ae7
ID des fehlerhaften Prozesses: 0x5f0
Startzeit der fehlerhaften Anwendung: 0xExpressCacheRun64.exe0
Pfad der fehlerhaften Anwendung: ExpressCacheRun64.exe1
Pfad des fehlerhaften Moduls: ExpressCacheRun64.exe2
Berichtskennung: ExpressCacheRun64.exe3
Error: (02/05/2014 04:06:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 05:50:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieColorEnhancer.exe, Version: 1.0.5.7, Zeitstempel: 0x4f9788e7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xf40
Startzeit der fehlerhaften Anwendung: 0xMovieColorEnhancer.exe0
Pfad der fehlerhaften Anwendung: MovieColorEnhancer.exe1
Pfad des fehlerhaften Moduls: MovieColorEnhancer.exe2
Berichtskennung: MovieColorEnhancer.exe3
Error: (02/04/2014 05:50:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ExpressCacheRun64.exe, Version: 1.0.0.2, Zeitstempel: 0x4df608c1
Name des fehlerhaften Moduls: ecapi64.dll, Version: 1.0.46.0, Zeitstempel: 0x4ddeea46
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000001ae7
ID des fehlerhaften Prozesses: 0x768
Startzeit der fehlerhaften Anwendung: 0xExpressCacheRun64.exe0
Pfad der fehlerhaften Anwendung: ExpressCacheRun64.exe1
Pfad des fehlerhaften Moduls: ExpressCacheRun64.exe2
Berichtskennung: ExpressCacheRun64.exe3
Error: (02/04/2014 05:50:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/02/2014 11:37:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieColorEnhancer.exe, Version: 1.0.5.7, Zeitstempel: 0x4f9788e7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xef8
Startzeit der fehlerhaften Anwendung: 0xMovieColorEnhancer.exe0
Pfad der fehlerhaften Anwendung: MovieColorEnhancer.exe1
Pfad des fehlerhaften Moduls: MovieColorEnhancer.exe2
Berichtskennung: MovieColorEnhancer.exe3
System errors:
=============
Error: (02/05/2014 05:06:44 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2014 05:00:57 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (02/05/2014 04:30:45 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2014 04:18:42 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2014 04:07:41 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (02/04/2014 09:19:18 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 07:03:40 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 06:09:48 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{AD2E3BB1-8D6B-41D0-B447-A5097897F657}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 05:55:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde nicht richtig gestartet.
Error: (02/04/2014 05:51:10 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 81%
Total physical RAM: 3990.23 MB
Available physical RAM: 754.19 MB
Total Pagefile: 7978.65 MB
Available Pagefile: 4093.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:443.98 GB) (Free:64.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CB9885AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=444 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22 GB) - (Type=27)
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=11 GB) - (Type=73)
Partition 2: (Not Active) - (Size=4 GB) - (Type=84)
==================== End Of Log ============================
Does that look right, or did I make a mistake?
Avira has now apparently moved files into quarantine, and my problem seems to be solved... |