Ok. Hier kommt das erste Logfile Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Julian :: JULIAN-PC [Administrator]
Schutz: Aktiviert
08.02.2014 12:49:32
mbam-log-2014-02-08 (12-49-32).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267912
Laufzeit: 11 Minute(n), 15 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 2
C:\Users\Julian\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Roaming\OpenCandy\74D039F8314245739D8E0879CAF5BA5D (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 16
C:\Users\Julian\AppData\Local\Temp\nsy8E02.tmp\Aypgtkyfipi.exe (PUP.Optional.TubeSing.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\toolbar14557654.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\RegClean6.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml (PUP.Optional.Qone8.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Roaming\OpenCandy\74D039F8314245739D8E0879CAF5BA5D\Setupsft_chr_p1v7.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\fullpackage_temp\Baofeng.exe (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\fullpackage_temp\package.zip (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\toolbar14554394.exe (PUP.Optional.Kozaka.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\kBRqScWQ.exe.part (PUP.Optional.Installrex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\toolbar15229504.exe (PUP.Optional.InstallMonetizer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\toolbar14577279.exe (PUP.Optional.InstallMonetizer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\uninstall16135136.exe (PUP.Optional.GoForFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\nsy8E02.tmp\WrapperUtils.dll (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\sSd2gBrR.exe.part (PUP.Optional.ChipXonio) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\awh7093.tmp (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Julian\AppData\Local\Temp\mqvd96Fn.exe.part (PUP.Optional.4Shared) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Und hier das zweite: Code:
# AdwCleaner v3.018 - Bericht erstellt am 08/02/2014 um 13:41:30
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Julian - JULIAN-PC
# Gestartet von : C:\Users\Julian\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Julian\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Julian\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kzf7u3xv.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kzf7u3xv.default\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\t3uqx1r2.default\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kzf7u3xv.default\user.js
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\t3uqx1r2.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\anchorfree
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v27.0 (de)
[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js ]
[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kzf7u3xv.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=46cb43f800000000000000ffb650a315");
Zeile gelöscht : user_pref("extensions.Softonic.id", "46cb43f800000000000000ffb650a315");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16012");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=46cb43f800000000000000ffb650a315");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=46cb43f800000000000000ffb650a315&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1421:18:04");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\t3uqx1r2.default\prefs.js ]
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\5r2f69kw.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [17690 octets] - [02/11/2013 22:54:11]
AdwCleaner[R1].txt - [1401 octets] - [02/11/2013 23:05:26]
AdwCleaner[R2].txt - [5392 octets] - [08/02/2014 13:36:32]
AdwCleaner[S0].txt - [14402 octets] - [02/11/2013 22:58:21]
AdwCleaner[S1].txt - [1462 octets] - [02/11/2013 23:07:09]
AdwCleaner[S2].txt - [5175 octets] - [08/02/2014 13:41:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5235 octets] ##########
Der Rest kommt dann nach, wenn das Junkware Removal Tool durchgelaufen ist.
Ok, hier das Log vom JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Julian on 08.02.2014 at 13:52:06,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] hshld
Successfully deleted: [Service] hshld
Successfully stopped: [Service] hsstrayservice
Successfully deleted: [Service] hsstrayservice
Successfully stopped: [Service] hsswd
Successfully deleted: [Service] hsswd
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FD7A30F2-ED36-4D75-8187-C1FF1DBABAA7}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\hotspot shield"
~~~ FireFox
Emptied folder: C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\kzf7u3xv.default\minidumps [1000 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2014 at 13:59:39,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hier der aktuelle FRST-Log:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Julian (administrator) on JULIAN-PC on 08-02-2014 14:05:23
Running from C:\Users\Julian\Desktop\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-39506974-4226529383-182086440-1000\...\Run: [Facebook Update] - C:\Users\Julian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-13] (Facebook Inc.)
HKU\S-1-5-21-39506974-4226529383-182086440-1000\...\Run: [Spotify Web Helper] - C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-01] (Spotify Ltd)
HKU\S-1-5-21-39506974-4226529383-182086440-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-39506974-4226529383-182086440-1000\...\MountPoints2: {4657fd81-713c-11e2-a57b-b297513c8e81} - E:\Autorun.exe
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDD2CD3A2B6A5CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.bravo.de
hxxp://www.clipfish.de
hxxp://www.musicload.de
hxxp://www.spickmich.de
hxxp://www.schuelervz.net
hxxp://moorhuhn.forumieren.de/
hxxp://www2.einfach-spielen.de/shop/moorhuhn_de/index.php
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = https://www.pagessyndication.com/google/?q={searchTerms}&lang=Deutsch (Deutschland)
SearchScopes: HKCU - {264C62FA-C9CE-4582-A0AF-5C6DAA1133E4} URL = hxxp://www.musicload.de/search.ml?stext={searchTerms}&ref=osd
SearchScopes: HKCU - {2BAC4BEC-7A99-4538-A91E-5EC1F88550BD} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = https://www.pagessyndication.com/google/?q={searchTerms}&lang=Deutsch (Deutschland)
SearchScopes: HKCU - {4D6E155C-BEFD-4EEC-8CA1-C4BA3AB56846} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {7FECF7FB-973E-4872-A7B8-A45B7B23FDDB} URL = hxxp://www.kochbar.de/rezept/suche?suchbegriff={searchTerms}
SearchScopes: HKCU - {9DDACD26-C98B-4527-91F3-62B0EDB70FFA} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {afdbefaa-5d3f-42ee-b78c-185a7025515b} URL =
SearchScopes: HKCU - {E5CEA9ED-86F8-4377-8689-6B289A16F5EF} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{15877811-7AEC-47A9-9C2E-CB3684FBC7D4}: [NameServer]8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @powerchallenge.com/PowerLoader - C:\Users\Julian\AppData\LocalLow\POWERC~1\nppowerloader.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Julian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\answers.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-en.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startingpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startingpage-https.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\technorati.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\yahoo-en.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Feedback - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\testpilot@labs.mozilla.com [2011-03-12]
FF Extension: UnPlug - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\unplug@compunach [2011-02-28]
FF Extension: JonDoFox - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593} [2011-02-28]
FF Extension: Cookie Monster - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2011-02-28]
FF Extension: NoScript - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-02-28]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-28]
FF Extension: ProfileSwitcher - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4} [2011-02-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-06]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-04-04]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
==================== Services (Whitelisted) =================
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-02] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-08 13:59 - 2014-02-08 13:59 - 00001941 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-02-08 13:52 - 2014-02-08 13:52 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 12:59 - 2014-02-08 12:59 - 01037530 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-02-08 12:50 - 2014-02-08 12:50 - 01166132 _____ () C:\Users\Julian\Desktop\adwcleaner.exe
2014-02-08 12:43 - 2014-02-08 12:43 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Malwarebytes
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 12:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-08 12:42 - 2014-02-08 12:56 - 00000000 ____D () C:\Users\Julian\Desktop\Für Hochzeit
2014-02-07 09:40 - 2014-02-07 09:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-07 09:39 - 2014-02-07 09:39 - 00003516 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Julian-PC-iTuneskonto
2014-02-07 08:33 - 2014-02-07 08:34 - 00040145 _____ () C:\Users\Julian\Desktop\Addition alt.txt
2014-02-07 08:32 - 2014-02-08 14:05 - 00000000 ____D () C:\FRST
2014-02-07 08:32 - 2014-02-07 08:34 - 00037506 _____ () C:\Users\Julian\Desktop\FRST alt.txt
2014-02-07 07:40 - 2014-02-07 07:49 - 00000000 ____D () C:\Users\Julian\Desktop\Handy
2014-02-07 07:17 - 2014-02-07 07:17 - 00002614 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-02-06 18:53 - 2014-02-06 18:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 17:28 - 2014-02-05 17:28 - 00000000 ____D () C:\Program Files\iPod
2014-02-05 17:28 - 2014-02-05 17:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 17:28 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-02-05 16:53 - 2014-02-05 17:28 - 00000000 ____D () C:\Program Files\iTunes
2014-01-28 20:10 - 2014-01-28 20:10 - 00002966 _____ () C:\Users\Julian\Desktop\dream_theater_blind_faith.mid
2014-01-27 16:39 - 2014-02-02 15:27 - 00000000 ____D () C:\Converted Audio Files
2014-01-27 16:37 - 2014-01-27 16:37 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 To Wave Converter PLUS
2014-01-26 11:29 - 2014-02-07 12:17 - 00000000 ____D () C:\Users\Julian\Desktop\Sounds
2014-01-15 16:17 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:17 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:17 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:17 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2014-02-08 14:05 - 2014-02-07 08:32 - 00000000 ____D () C:\FRST
2014-02-08 14:05 - 2010-12-27 13:28 - 00000000 ____D () C:\Users\Julian\Desktop\Programme
2014-02-08 14:00 - 2010-12-27 12:04 - 01209630 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 13:59 - 2014-02-08 13:59 - 00001941 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-02-08 13:52 - 2014-02-08 13:52 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 13:51 - 2009-07-14 05:45 - 00015680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 13:51 - 2009-07-14 05:45 - 00015680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 13:44 - 2012-01-15 18:47 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-02-08 13:43 - 2012-01-15 18:52 - 00000000 ___RD () C:\Users\Julian\Dropbox
2014-02-08 13:42 - 2013-07-12 21:56 - 00043786 _____ () C:\Windows\setupact.log
2014-02-08 13:42 - 2010-12-27 14:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 13:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 13:41 - 2013-11-02 22:53 - 00000000 ____D () C:\AdwCleaner
2014-02-08 13:36 - 2007-01-19 14:26 - 00000000 ____D () C:\Users\Julian\Desktop\Julians Hauptordner
2014-02-08 13:07 - 2012-07-07 11:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-08 13:07 - 2010-12-27 14:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 13:06 - 2013-08-07 19:17 - 00030888 _____ () C:\Windows\PFRO.log
2014-02-08 12:59 - 2014-02-08 12:59 - 01037530 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-02-08 12:56 - 2014-02-08 12:42 - 00000000 ____D () C:\Users\Julian\Desktop\Für Hochzeit
2014-02-08 12:50 - 2014-02-08 12:50 - 01166132 _____ () C:\Users\Julian\Desktop\adwcleaner.exe
2014-02-08 12:43 - 2014-02-08 12:43 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Malwarebytes
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 12:43 - 2014-02-08 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 12:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool
2014-02-08 12:37 - 2011-01-07 15:45 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5615FF6F-A837-4E38-B0FC-3819769ABCDA}
2014-02-08 12:35 - 2011-10-08 14:25 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000UA.job
2014-02-08 12:30 - 2012-05-05 14:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-08 02:00 - 2010-12-27 13:32 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-02-08 01:52 - 2011-10-08 14:25 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000Core.job
2014-02-07 14:46 - 2009-07-14 18:58 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-02-07 14:46 - 2009-07-14 18:58 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-02-07 14:46 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-07 12:17 - 2014-01-26 11:29 - 00000000 ____D () C:\Users\Julian\Desktop\Sounds
2014-02-07 09:40 - 2014-02-07 09:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-07 09:39 - 2014-02-07 09:39 - 00003516 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Julian-PC-iTuneskonto
2014-02-07 08:34 - 2014-02-07 08:33 - 00040145 _____ () C:\Users\Julian\Desktop\Addition alt.txt
2014-02-07 08:34 - 2014-02-07 08:32 - 00037506 _____ () C:\Users\Julian\Desktop\FRST alt.txt
2014-02-07 07:49 - 2014-02-07 07:40 - 00000000 ____D () C:\Users\Julian\Desktop\Handy
2014-02-07 07:46 - 2011-07-12 15:26 - 04374016 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-02-07 07:17 - 2014-02-07 07:17 - 00002614 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-02-07 07:17 - 2013-05-30 13:58 - 00000000 ____D () C:\Users\Julian\.gimp-2.8
2014-02-06 18:54 - 2014-02-06 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 18:34 - 2012-07-07 11:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 18:34 - 2012-07-07 11:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 18:34 - 2011-05-16 05:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 17:28 - 2014-02-05 17:28 - 00000000 ____D () C:\Program Files\iPod
2014-02-05 17:28 - 2014-02-05 17:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 17:28 - 2014-02-05 16:53 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 16:44 - 2011-01-08 19:07 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 19:04 - 2013-09-19 14:52 - 00000000 ____D () C:\Users\Julian\Desktop\Das Lied von Eis und Feuer
2014-02-02 15:27 - 2014-01-27 16:39 - 00000000 ____D () C:\Converted Audio Files
2014-02-01 15:14 - 2012-07-31 21:45 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Spotify
2014-02-01 14:19 - 2012-07-31 21:46 - 00000000 ____D () C:\Users\Julian\AppData\Local\Spotify
2014-01-28 20:16 - 2011-09-20 18:50 - 00000000 ____D () C:\Users\Julian\.lilypond-fonts.cache-2
2014-01-28 20:10 - 2014-01-28 20:10 - 00002966 _____ () C:\Users\Julian\Desktop\dream_theater_blind_faith.mid
2014-01-27 16:37 - 2014-01-27 16:37 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 To Wave Converter PLUS
2014-01-26 12:58 - 2013-02-12 14:57 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\vlc
2014-01-19 08:33 - 2010-12-27 12:19 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 06:32 - 2012-01-15 18:50 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-17 06:32 - 2010-12-27 12:04 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 06:28 - 2009-07-14 05:45 - 05026168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 15:33 - 2013-07-17 00:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 15:28 - 2010-12-28 11:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 22:10 - 2010-12-27 12:18 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Liteon
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\AAMHelper.exe
C:\Users\Julian\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Julian\AppData\Local\Temp\AutoRun.exe
C:\Users\Julian\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Julian\AppData\Local\Temp\BackupSetup.exe
C:\Users\Julian\AppData\Local\Temp\EAInstall.dll
C:\Users\Julian\AppData\Local\Temp\fileutil.dll
C:\Users\Julian\AppData\Local\Temp\htmlayout.dll
C:\Users\Julian\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
C:\Users\Julian\AppData\Local\Temp\SHSetup.exe
C:\Users\Julian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Julian\AppData\Local\Temp\videoplayer_installer14603191.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-07 03:53
==================== End Of Log ============================
--- --- ---
--- --- ---
und noch die Addition.txt (bin mir nicht sicher, ob du die auch noch mal haben wolltest, aber schaden kann's ja nix): Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by Julian at 2014-02-08 14:05:50
Running from C:\Users\Julian\Desktop\Programme
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.2.30416 - BitTorrent Inc.)
1.5 (x32 Version: - Dirk Paehl)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Crystal Eye webcam (x32 Version: 1.0.4.3 - Liteon)
Acer ePower Management (x32 Version: 5.00.3005 - Acer Incorporated)
Acoustica MP3 To Wave Converter PLUS (x32 Version: 2.5 - Acoustica, Inc.)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (x32 Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS6 (x32 Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (x32 Version: 7.0 - Atheros)
Aufstieg des Hexenkönigs™ (x32 Version: - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (Version: 5.100.249.2 - Broadcom Corporation)
CCleaner (Version: 4.03 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Die Schlacht um Mittelerde™ II (x32 Version: - )
Direct MIDI to MP3 Converter Version 6.2.2.46 (x32 Version: 6.2.2.46 - Piston Software)
DivX-Setup (x32 Version: 2.5.0.15 - DivX, LLC)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DVD43 Plug-in v1.0.0.5 (x32 Version: - )
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Free Audio CD Burner version 2.0.24.1125 (x32 Version: 2.0.24.1125 - DVDVideoSoft Ltd.)
Free RAR Extract Frog (x32 Version: 2.50 - Philipp Winterberg)
Free Studio version 5.6.3.706 (x32 Version: 5.6.3.706 - DVDVideoSoft Ltd.)
Free YouTube to iPod Converter version 3.11.17.1127 (x32 Version: 3.11.17.1127 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.32.918 (x32 Version: 3.11.32.918 - DVDVideoSoft Ltd.)
FreeFileSync 5.23 (x32 Version: 5.23 - Zenju)
FreeMind (x32 Version: 0.9.0_RC_10 - )
GeoGebra 4.2 (x32 Version: 4.2.24.0 - International GeoGebra Institute)
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Greenfoot 2.1.0 (x32 Version: - La Trobe University)
Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (x32 Version: 1 - Microsoft Corporation)
Hotspot Shield 3.19 (x32 Version: 3.19 - AnchorFree)
ICQ7.5 (x32 Version: 7.5 - ICQ)
ImgBurn (x32 Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
IsoBuster 2.8.5 (x32 Version: 2.8.5 - Smart Projects)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) SE Development Kit 6 Update 26 (64-bit) (Version: 1.6.0.260 - Oracle)
K-Lite Codec Pack 9.7.2 (Basic) (x32 Version: 9.7.2 - )
KODAK Create@Home Software (für dm) (x32 Version: 7.8.1392 - Eastman Kodak Company)
Launch Manager (x32 Version: 4.0.12 - Acer Inc.)
LEGO® Star Wars™: Die Komplette Saga (x32 Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (x32 Version: 1.00.0000 - LucasArts) Hidden
LilyPond (x32 Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires (x32 Version: - )
Microsoft Age of Empires Expansion (x32 Version: - )
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2000 SR-1 Premium (x32 Version: 9.00.3821 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Moorhuhn Kart 3 (x32 Version: 1.00.0000 - )
Moorhuhn Total 4 (x32 Version: 1.00.0000 - )
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (x32 Version: 1.3.0 - Werner Schweer and Others)
Notepad++ (x32 Version: 5.9.3 - )
NVIDIA Display Control Panel (Version: 6.14.12.5997 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0224 - NVIDIA Corporation)
Octava SD4 (x32 Version: 5.01 - Obtiv)
OpenAL (x32 Version: - )
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Project64 1.6 (x32 Version: 1.6 - Project64)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
rgc:audio sfz VSTi v1.96 (x32 Version: - )
Samplitude 10 SE 10.2.0.0 (D) (x32 Version: 10.2.0.0 - MAGIX AG)
SAMSUNG Mobile Modem Driver Set (Version: - )
Samsung Mobile phone USB driver Drive Software (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (Version: - )
SAMSUNG Mobile USB Modem Software (Version: - )
Samsung PC Studio 3 USB Driver Installer (x32 Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Scratch (x32 Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (x32 Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 14.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (Version: 3.0.6 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.16642 - TeamViewer)
The Battle for Middle-earth (tm) (x32 Version: - )
TI Connect 1.6 (x32 Version: 1.6 - Texas Instruments Incorporated)
TuxGuitar (x32 Version: 1.2 - Herac)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VirtualCloneDrive (x32 Version: - Elaborate Bytes)
Virus Guard - powered by BitDefender (x32 Version: 1.0.0.0 - BitDefender)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (x32 Version: 2.1.4.1300 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (x32 Version: 2.0.1.9 - 1&1 Mail & Media GmbH)
WEB.DE Toolbar für Internet Explorer (x32 Version: 1.7.2.0 - 1&1 Mail & Media GmbH)
WEB.DE Toolbar MSVC100 CRT x64 (Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
WEB.DE Toolbar MSVC100 CRT x86 (x32 Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Wuala (HKCU Version: 1.0.411.0 - LaCie)
Wuala CBFS (x32 Version: 3.2.107.0 - LaCie)
XMedia Recode 3.0.4.9 (x32 Version: 3.0.4.9 - Sebastian Dörfler)
XMedia Recode Version 3.1.4.1 (x32 Version: 3.1.4.1 - XMedia Recode)
Yenka (x32 Version: 3.1.2.0 - Crocodile Clips Ltd)
Zero-K (HKCU Version: 2.75.0.16 - Zero-K)
==================== Restore Points =========================
16-01-2014 14:27:27 Windows Update
20-01-2014 15:04:34 Windows Update
23-01-2014 20:22:43 Windows Update
27-01-2014 15:01:53 Windows Update
31-01-2014 12:05:50 Windows Update
03-02-2014 14:49:45 Windows Update
05-02-2014 16:15:38 Removed iTunes
05-02-2014 16:27:28 Installed iTunes
06-02-2014 15:19:52 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0373C16B-787E-4BEE-8A10-075E15396A52} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0517E595-B64C-4243-B263-18D948516521} - System32\Tasks\{A9DD6423-EC02-456B-8783-684880699DAD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {0AA2FCE0-804C-49CD-8233-E0369A29BE45} - \GoforFilesUpdate No Task File
Task: {1F47C5F4-6132-40B2-BC47-F797E2BAB271} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-07-28] (1&1 Mail & Media GmbH)
Task: {2A7B2D37-01AB-45F3-86A4-4A5DFB376563} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000UA => C:\Users\Julian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13] (Facebook Inc.)
Task: {4AB0C8AF-8D3E-4AD5-A0D4-303898A42A38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {5EC36439-42E5-4503-A485-1A889BDF9B22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06] (Adobe Systems Incorporated)
Task: {5F93A259-D241-4304-8EB1-04E34F41F174} - System32\Tasks\Games\UpdateCheck_S-1-5-21-39506974-4226529383-182086440-501
Task: {8024B419-5528-46EE-917C-1965CB20BAF1} - System32\Tasks\{F35295F4-1648-4E1B-A372-4F5A5F50174E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {A2CF35B9-FF31-4204-A76F-55BE7AD42125} - System32\Tasks\AdobeAAMUpdater-1.0-Julian-PC-iTuneskonto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {A61C4614-9B68-4BF4-8EA1-507A478929A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-27] (Google Inc.)
Task: {C3E7322C-377F-46ED-BF31-3805E04C663E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CD52D205-289E-4D19-8E0A-FCED8704AFC0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-39506974-4226529383-182086440-1000
Task: {CE60B7D5-2CC6-499B-B097-E38E4A476F64} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000Core => C:\Users\Julian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13] (Facebook Inc.)
Task: {E431E732-1BC4-48C5-B957-4A0330AD4140} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-27] (Google Inc.)
Task: {F7828C06-A933-4E52-A2E4-D715289A9FC3} - System32\Tasks\AdobeAAMUpdater-1.0-Julian-PC-Julian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000Core.job => C:\Users\Julian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-39506974-4226529383-182086440-1000UA.job => C:\Users\Julian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2006-12-04 01:26 - 2006-12-04 01:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll
2013-02-12 16:30 - 2012-11-28 18:50 - 00019880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-05-20 14:02 - 2009-05-20 14:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2011-03-21 19:57 - 2011-03-21 19:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Julian\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 12:42 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-08-16 18:52 - 2013-08-16 18:52 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eff228aa396c1d45248a54b44d7ce5a0\IsdiInterop.ni.dll
2010-12-27 12:13 - 2010-04-13 09:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-06 18:53 - 2014-02-06 18:53 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-06 18:34 - 2014-02-06 18:34 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-12-21 12:54:22.373
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Julian\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-21 12:54:21.926
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Julian\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-21 12:54:21.383
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-21 12:54:20.778
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-12-03 14:51:00.657
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-12-03 14:51:00.487
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-04-29 15:40:12.693
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-04-29 15:40:12.599
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-01-27 23:25:59.568
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-01-27 23:25:59.558
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Acer\Acer ePower Management\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 3958.71 MB
Available physical RAM: 1940.04 MB
Total Pagefile: 7915.6 MB
Available Pagefile: 5723.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Lokaler Datenträger) (Fixed) (Total:465.66 GB) (Free:207.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 67B46E32)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
