| Enidan008 | 07.02.2014 19:25 |
Hallo,
Avira meldet das.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by user (administrator) on USER-PC on 07-02-2014 19:18:49
Running from C:\Users\user\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(g10 Code GmbH) C:\Program Files (x86)\GNU\GnuPG\gpg-agent.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2014-01-01] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2574729686-3444381949-2078131722-1000\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-01]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-26]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2013-08-05]
CHR Extension: (FastestChrome - Browse Faster) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-12-16]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Lavasoft NewTab) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-11-30]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gpicboiclhmnllnjdcfcffifpoaebgkm] - C:\Program Files (x86)\Freecorder extension\Freecorder.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-10-30]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2013-12-12] (Freemake)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [138232 2013-07-17] (BitDefender LLC)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-09-17] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-07 19:18 - 2014-02-07 19:18 - 00018201 _____ () C:\Users\user\Desktop\FRST.txt
2014-02-07 19:17 - 2014-02-07 19:17 - 02079744 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2014-02-07 17:38 - 2014-02-07 17:38 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-05 20:41 - 2014-02-05 20:41 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-05 20:41 - 2014-02-05 20:41 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-05 20:41 - 2014-02-05 20:41 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-05 19:45 - 2014-02-05 19:45 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-05 16:12 - 2014-02-05 14:59 - 00002309 _____ () C:\Users\user\Desktop\Ad-Aware Antivirus.lnk
2014-02-05 16:10 - 2014-01-19 15:07 - 00002094 _____ () C:\Users\user\Desktop\Mozilla Thunderbird.lnk
2014-01-30 20:42 - 2014-01-30 20:42 - 00000054 _____ () C:\Users\user\AppData\Roaming\mbam.context.scan
2014-01-29 22:39 - 2014-01-29 22:39 - 00491847 _____ () C:\Users\user\Downloads\FACTSHEET - U S Africa Command-November2013 (1)
2014-01-29 21:53 - 2014-01-29 21:53 - 00491847 _____ () C:\Users\user\Downloads\FACTSHEET - U S Africa Command-November2013
2014-01-29 21:46 - 2014-01-29 21:46 - 02044502 _____ () C:\Users\user\Downloads\2013 10 25 US AFRICA COMMAND Overview Brief
2014-01-23 17:37 - 2014-01-23 17:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-01-20 19:14 - 2014-01-20 19:14 - 00000000 ____D () C:\Users\user\AppData\Local\Macromedia
2014-01-19 20:29 - 2014-01-19 20:29 - 00009982 _____ () C:\Users\user\Documents\nadine nadine-ra@gmx.net (0xAFD891D6) pub-sec.asc
2014-01-19 15:31 - 2014-01-19 15:31 - 00000918 _____ () C:\Users\user\Documents\nadine-ra@gmx.net (0xAFD891D6) rev.asc
2014-01-19 15:24 - 2014-01-19 15:24 - 00000568 _____ () C:\Users\user\Documents\nadine-ra@gmx.net (0xC130BF13) rev.asc
2014-01-19 15:11 - 2014-01-19 15:11 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-01-19 15:07 - 2014-02-05 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 15:07 - 2014-02-05 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-01-19 15:07 - 2014-02-04 19:25 - 00000000 ____D () C:\Users\user\AppData\Local\Thunderbird
2014-01-19 15:07 - 2014-01-19 15:07 - 00000000 ____D () C:\Users\user\AppData\Roaming\Thunderbird
2014-01-19 15:07 - 2014-01-19 15:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-19 14:56 - 2014-01-19 14:57 - 00000000 ____D () C:\Users\user\AppData\Roaming\gtk-2.0
2014-01-19 14:51 - 2014-01-19 14:51 - 00000218 _____ () C:\Users\user\.recently-used.xbel
2014-01-19 14:46 - 2014-01-19 14:58 - 00000000 ____D () C:\Users\user\.gconfd
2014-01-19 14:46 - 2014-01-19 14:57 - 00000000 ____D () C:\Users\user\.evolution
2014-01-19 14:46 - 2014-01-19 14:52 - 00000000 ____D () C:\Users\user\.gconf
2014-01-19 14:46 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gnome2_private
2014-01-19 14:46 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gnome2
2014-01-19 14:31 - 2014-01-19 14:31 - 00000000 ____D () C:\Users\user\AppData\Roaming\PGP Corporation
2014-01-19 14:28 - 2014-01-19 14:28 - 00123066 _____ () C:\Windows\SysWOW64\PGPlspRollback.reg
2014-01-18 18:56 - 2014-01-18 18:56 - 00007614 _____ () C:\Users\user\AppData\Local\recently-used.xbel
2014-01-18 18:22 - 2014-01-18 18:55 - 00000000 ____D () C:\Users\user\AppData\Roaming\fucknsa
2014-01-18 18:21 - 2014-01-18 18:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mail
2014-01-18 11:21 - 2014-01-18 11:40 - 00000000 ____D () C:\Users\user\AppData\Roaming\NSAHome
2014-01-18 08:00 - 2014-01-18 08:18 - 00000000 ____D () C:\Users\user\AppData\Roaming\Nsalala
2014-01-18 07:50 - 2014-01-18 07:50 - 00000000 ____D () C:\Users\user\AppData\Roaming\NSA
2014-01-18 07:29 - 2014-01-19 20:48 - 00001777 _____ () C:\Users\user\Desktop\0x97C5921C.asc
2014-01-18 07:28 - 2014-01-19 10:34 - 00000000 ____D () C:\Users\user\AppData\Local\enchant
2014-01-18 07:27 - 2014-01-18 07:27 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mailnsa
2014-01-18 07:19 - 2014-01-19 10:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\Claws-mail
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\.kde
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\user\AppData\Local\GNU
2014-01-17 18:25 - 2014-02-07 17:40 - 00000000 ____D () C:\Users\user\AppData\Roaming\gnupg
2014-01-17 18:25 - 2014-01-17 18:25 - 00000000 ____D () C:\ProgramData\GNU
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\Postbox
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\user\AppData\Local\Postbox
2014-01-17 07:12 - 2014-01-17 22:06 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-15 13:29 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:29 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 13:29 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:29 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 09:56 - 2014-01-14 09:56 - 00001139 _____ () C:\Users\Public\Desktop\Alfons Lernwelt Englisch 6.lnk
2014-01-14 09:48 - 2014-01-14 09:48 - 00000000 ____D () C:\Windows\SysWOW64\Alfons
2014-01-14 09:43 - 2014-01-23 19:29 - 00000000 ____D () C:\ProgramData\alw
2014-01-14 09:43 - 2014-01-14 09:52 - 00000000 ____D () C:\Program Files (x86)\Alfons
2014-01-12 14:59 - 2014-01-12 14:59 - 00000000 ____D () C:\Users\user\Desktop\2013-12-15 001
2014-01-12 13:15 - 2014-01-12 13:24 - 294783406 _____ () C:\Users\user\Desktop\Rundreise.mp4
==================== One Month Modified Files and Folders =======
2014-02-07 19:19 - 2014-02-07 19:18 - 00018201 _____ () C:\Users\user\Desktop\FRST.txt
2014-02-07 19:18 - 2013-12-30 20:19 - 00000000 ____D () C:\FRST
2014-02-07 19:17 - 2014-02-07 19:17 - 02079744 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2014-02-07 19:08 - 2012-04-22 23:49 - 01400974 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 19:00 - 2013-12-21 10:59 - 00007650 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2014-02-07 18:48 - 2013-06-06 20:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 17:46 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-07 17:46 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-07 17:40 - 2014-01-17 18:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\gnupg
2014-02-07 17:38 - 2014-02-07 17:38 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-07 17:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 17:38 - 2009-07-14 05:51 - 00140872 _____ () C:\Windows\setupact.log
2014-02-07 07:40 - 2012-08-13 16:01 - 00000000 ____D () C:\Users\user\AppData\Roaming\SoftGrid Client
2014-02-06 17:48 - 2013-06-06 20:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 17:48 - 2013-06-06 20:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 17:48 - 2012-01-20 09:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 21:44 - 2013-12-31 16:58 - 00000000 ____D () C:\Users\user\Desktop\mbar
2014-02-05 20:41 - 2014-02-05 20:41 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-05 20:41 - 2014-02-05 20:41 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-05 20:41 - 2014-02-05 20:41 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-05 19:45 - 2014-02-05 19:45 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-05 19:45 - 2013-08-06 13:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 19:43 - 2012-08-13 15:55 - 00071808 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-05 18:24 - 2013-10-01 10:16 - 00000000 ____D () C:\Users\user\Desktop\Politics
2014-02-05 16:13 - 2014-01-19 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-05 16:00 - 2014-01-19 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 14:59 - 2014-02-05 16:12 - 00002309 _____ () C:\Users\user\Desktop\Ad-Aware Antivirus.lnk
2014-02-04 19:25 - 2014-01-19 15:07 - 00000000 ____D () C:\Users\user\AppData\Local\Thunderbird
2014-02-01 20:52 - 2013-09-17 08:14 - 00000000 ____D () C:\Users\user\Desktop\For Justice
2014-02-01 20:52 - 2013-05-15 20:23 - 00000000 ____D () C:\Users\user\Desktop\Bewerbungen
2014-02-01 13:42 - 2013-07-22 17:28 - 00000000 ____D () C:\Users\user\Desktop\auch mamas sachen
2014-01-31 17:53 - 2012-04-22 23:48 - 00220208 _____ () C:\Windows\DPINST.LOG
2014-01-31 14:56 - 2013-10-14 08:11 - 00000000 ____D () C:\Users\user\Desktop\Neuer Ordner (6)
2014-01-31 10:13 - 2012-04-23 09:37 - 00656746 _____ () C:\Windows\system32\perfh007.dat
2014-01-31 10:13 - 2012-04-23 09:37 - 00131088 _____ () C:\Windows\system32\perfc007.dat
2014-01-31 10:13 - 2009-07-14 06:13 - 01500294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-30 21:11 - 2013-12-31 17:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-30 20:42 - 2014-01-30 20:42 - 00000054 _____ () C:\Users\user\AppData\Roaming\mbam.context.scan
2014-01-30 20:33 - 2013-12-31 16:58 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-30 13:38 - 2013-11-17 19:57 - 00000000 ____D () C:\Users\user\Desktop\Neuer Ordner (7)
2014-01-29 22:39 - 2014-01-29 22:39 - 00491847 _____ () C:\Users\user\Downloads\FACTSHEET - U S Africa Command-November2013 (1)
2014-01-29 21:53 - 2014-01-29 21:53 - 00491847 _____ () C:\Users\user\Downloads\FACTSHEET - U S Africa Command-November2013
2014-01-29 21:46 - 2014-01-29 21:46 - 02044502 _____ () C:\Users\user\Downloads\2013 10 25 US AFRICA COMMAND Overview Brief
2014-01-28 15:07 - 2012-08-14 14:27 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-01-26 12:19 - 2013-09-17 13:02 - 00000000 ____D () C:\Users\user\Desktop\Justice!
2014-01-26 12:02 - 2013-08-10 10:58 - 00000000 ____D () C:\Users\user\Desktop\Musiksong
2014-01-26 11:51 - 2013-11-10 11:10 - 00000000 ____D () C:\Users\user\AppData\Local\Windows Live
2014-01-23 19:29 - 2014-01-14 09:43 - 00000000 ____D () C:\ProgramData\alw
2014-01-23 17:38 - 2013-11-30 16:01 - 00000000 ____D () C:\Users\user\AppData\Roaming\LavasoftStatistics
2014-01-23 17:37 - 2014-01-23 17:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-01-21 09:43 - 2013-11-10 17:11 - 00000000 ___RD () C:\Users\user\Desktop\movie makers
2014-01-20 19:14 - 2014-01-20 19:14 - 00000000 ____D () C:\Users\user\AppData\Local\Macromedia
2014-01-19 20:48 - 2014-01-18 07:29 - 00001777 _____ () C:\Users\user\Desktop\0x97C5921C.asc
2014-01-19 20:29 - 2014-01-19 20:29 - 00009982 _____ () C:\Users\user\Documents\nadine nadine-ra@gmx.net (0xAFD891D6) pub-sec.asc
2014-01-19 15:31 - 2014-01-19 15:31 - 00000918 _____ () C:\Users\user\Documents\nadine-ra@gmx.net (0xAFD891D6) rev.asc
2014-01-19 15:24 - 2014-01-19 15:24 - 00000568 _____ () C:\Users\user\Documents\nadine-ra@gmx.net (0xC130BF13) rev.asc
2014-01-19 15:11 - 2014-01-19 15:11 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-01-19 15:07 - 2014-02-05 16:10 - 00002094 _____ () C:\Users\user\Desktop\Mozilla Thunderbird.lnk
2014-01-19 15:07 - 2014-01-19 15:07 - 00000000 ____D () C:\Users\user\AppData\Roaming\Thunderbird
2014-01-19 15:07 - 2014-01-19 15:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-19 14:58 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gconfd
2014-01-19 14:57 - 2014-01-19 14:56 - 00000000 ____D () C:\Users\user\AppData\Roaming\gtk-2.0
2014-01-19 14:57 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.evolution
2014-01-19 14:52 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gconf
2014-01-19 14:51 - 2014-01-19 14:51 - 00000218 _____ () C:\Users\user\.recently-used.xbel
2014-01-19 14:46 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gnome2_private
2014-01-19 14:46 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\user\.gnome2
2014-01-19 14:31 - 2014-01-19 14:31 - 00000000 ____D () C:\Users\user\AppData\Roaming\PGP Corporation
2014-01-19 14:30 - 2010-11-21 04:47 - 00185390 _____ () C:\Windows\PFRO.log
2014-01-19 14:28 - 2014-01-19 14:28 - 00123066 _____ () C:\Windows\SysWOW64\PGPlspRollback.reg
2014-01-19 10:35 - 2014-01-18 07:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\Claws-mail
2014-01-19 10:34 - 2014-01-18 07:28 - 00000000 ____D () C:\Users\user\AppData\Local\enchant
2014-01-19 09:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-18 18:56 - 2014-01-18 18:56 - 00007614 _____ () C:\Users\user\AppData\Local\recently-used.xbel
2014-01-18 18:55 - 2014-01-18 18:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\fucknsa
2014-01-18 18:35 - 2013-08-03 19:58 - 00000000 ____D () C:\Users\user\AppData\Local\gtk-2.0
2014-01-18 18:24 - 2014-01-18 18:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mail
2014-01-18 18:17 - 2013-11-27 21:23 - 00000000 ____D () C:\Users\user\Desktop\Video,Audio,Bild Converter
2014-01-18 15:37 - 2013-03-30 12:34 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-18 11:40 - 2014-01-18 11:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\NSAHome
2014-01-18 08:18 - 2014-01-18 08:00 - 00000000 ____D () C:\Users\user\AppData\Roaming\Nsalala
2014-01-18 07:50 - 2014-01-18 07:50 - 00000000 ____D () C:\Users\user\AppData\Roaming\NSA
2014-01-18 07:27 - 2014-01-18 07:27 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mailnsa
2014-01-17 22:06 - 2014-01-17 07:12 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\.kde
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\user\AppData\Local\GNU
2014-01-17 18:25 - 2014-01-17 18:25 - 00000000 ____D () C:\ProgramData\GNU
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\Postbox
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\user\AppData\Local\Postbox
2014-01-16 19:55 - 2013-11-29 19:43 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-01-15 21:04 - 2013-11-09 10:23 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-15 14:57 - 2009-07-14 05:45 - 00309784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 13:56 - 2013-08-07 23:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 13:55 - 2012-12-26 16:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:23 - 2013-12-21 18:34 - 00002030 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-01-15 13:23 - 2012-01-20 09:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-14 17:28 - 2012-10-24 19:04 - 00000000 ____D () C:\Users\user\AppData\Roaming\Windows Live Writer
2014-01-14 09:56 - 2014-01-14 09:56 - 00001139 _____ () C:\Users\Public\Desktop\Alfons Lernwelt Englisch 6.lnk
2014-01-14 09:52 - 2014-01-14 09:43 - 00000000 ____D () C:\Program Files (x86)\Alfons
2014-01-14 09:48 - 2014-01-14 09:48 - 00000000 ____D () C:\Windows\SysWOW64\Alfons
2014-01-12 20:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-12 14:59 - 2014-01-12 14:59 - 00000000 ____D () C:\Users\user\Desktop\2013-12-15 001
2014-01-12 13:24 - 2014-01-12 13:15 - 294783406 _____ () C:\Users\user\Desktop\Rundreise.mp4
2014-01-09 12:19 - 2013-12-05 18:59 - 00000000 ____D () C:\AdwCleaner
Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-20 20:14
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by user at 2014-02-07 19:23:10
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Backup Manager (x32 Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (x32 Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 5.00.3502 - Acer Incorporated)
Acer Registration (x32 Version: 1.04.3505 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0517.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3500 - Acer Incorporated)
Acer VCM (x32 Version: 4.05.3501 - Acer Incorporated)
Ad-Aware Antivirus (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638 - Adobe Systems, Inc.)
AKVIS Magnifier (x32 Version: 6.0.1006.8910 - AKVIS)
Alfons Lernwelt (x32 Version: - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2948 - APN, LLC)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom NetLink Controller (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (Version: 4.10 - Piriform)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.242 - Corel Corporation)
Corel WinDVD (x32 Version: 10.0.5.899 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Designer 2.0 (x32 Version: 7.9.4 - Fomanu AG)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eBay Worldwide (x32 Version: 2.2.0409 - OEM)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451 - Evernote Corp.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Audio Converter Version 1.1.0 (x32 Version: 1.1.0 - Ellora Assets Corporation)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Gpg4win (2.2.1) (x32 Version: 2.2.1 - The Gpg4win Project)
Hex-Editor MX (x32 Version: 6.0 - NEXT-Soft)
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Document Manager 2.0 (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (Version: 4.5 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Update (x32 Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
Install Absolute Data Protect (x32 Version: 1.0.0.42 - Absolute Software)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418 - Intel Corporation)
IPM_PSP_CL (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPM_PSP_COM (x32 Version: 1.00.0000 - Your Company Name) Hidden
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Meleon 1.5.4 de-DE (nur entfernen) (x32 Version: 1.5.4 - K-Meleon Team)
Launch Manager (x32 Version: 6.0.5 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (x32 Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
Perfect Photo Suite 7.5 (x32 Version: 7.5 - onOne Software)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rossmann Fotowelt Software 4.12.1 (x32 Version: 4.12.1 - ORWO Net)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Setup (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
Shop for HP Supplies (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.188 (x32 Version: 2.10.188 - Sony)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.2.17.5 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (Version: 12.0.770 - Sony)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (x32 Version: 1.02.3505 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies)
Xilisoft Video Converter Ultimate (HKCU Version: 7.7.3.20131014 - Xilisoft)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Restore Points =========================
15-01-2014 12:54:46 Windows Update
15-01-2014 19:56:09 Removed iTunes
19-01-2014 13:27:23 Installed PGP Desktop
19-01-2014 13:33:57 Removed PGP Desktop
19-01-2014 13:41:31 Installed Evolution.
19-01-2014 13:58:33 Removed Evolution.
21-01-2014 06:09:56 Windows Update
23-01-2014 16:36:34 AA11
24-01-2014 15:54:22 Windows Update
28-01-2014 12:43:08 Windows Update
31-01-2014 16:52:30 Sony PC Companion
04-02-2014 18:28:35 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-12-31 16:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {05ACA2B2-47EC-4936-821B-2C0EE5CFFB4D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0A2D3E75-A718-4C9A-A4B5-E64D7E5AA842} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2574729686-3444381949-2078131722-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {19F42A96-5518-4816-91F8-A26F10D5B54B} - \EPUpdater No Task File
Task: {241131AC-CE4F-4EB6-94AE-F971435927B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06] (Adobe Systems Incorporated)
Task: {2C91E854-4BDA-4403-AFB5-DE308F522D9A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2574729686-3444381949-2078131722-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2CE49049-F5EA-414C-A658-C3B79B802AC8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {3355C804-F904-477F-AE92-3063164FF959} - \BrowserDefendert No Task File
Task: {44F2E9A7-FC0F-48AE-BA95-9A9BE624C09B} - System32\Tasks\{B059951D-986A-4E2E-96AA-466728EC9F38} => C:\Users\user\Desktop\FreemakeVideo4121ConverterSetup.exe
Task: {58E2E1FD-321F-4891-883D-167F7C6C157B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2574729686-3444381949-2078131722-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {75AB2EA0-0414-46AD-957D-7036A246035F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2574729686-3444381949-2078131722-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9AB8861D-1A81-4CCA-9DBB-1C19739A9C90} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2574729686-3444381949-2078131722-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9FC57016-A59A-479B-AEF2-E4E4FB1007E4} - \BackgroundContainer Startup Task No Task File
Task: {AB4A0906-5083-4CFD-B3A7-4251452658EE} - System32\Tasks\{DE39553C-B997-42A9-880A-55EC26B2F175} => C:\Program Files (x86)\HP\Digital Imaging\{E11448F2-0B44-4239-B04E-D88FE743E929}\hpzstub.exe
Task: {B94ACC83-E640-4AB1-8FE3-94FB7328E204} - System32\Tasks\{D71256CC-BC2D-4617-A796-11CF2B9FF47C} => C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-01-23 16:29 - 2014-01-23 16:29 - 02141040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2010-07-28 02:24 - 2010-07-28 02:24 - 00124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2013-10-30 19:28 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\AiCM64.dll
2012-01-20 08:26 - 2011-06-10 03:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 18:10 - 2013-07-17 18:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2013-08-05 16:18 - 2013-08-05 16:15 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 15:47 - 2013-10-07 15:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-10-07 15:44 - 2013-10-07 15:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-12-21 18:34 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-12-21 18:34 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-12-21 18:34 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2013-12-21 18:34 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:31D9EFCC
AlternateDataStreams: C:\ProgramData\Temp:AD022376
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/07/2014 05:38:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2014 03:53:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2014 07:32:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 08:45:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 04:46:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 03:19:33 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:29 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
System errors:
=============
Error: (02/06/2014 08:48:25 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:25 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (02/06/2014 08:48:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Microsoft Office Sessions:
=========================
Error: (02/07/2014 05:38:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2014 03:53:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2014 07:32:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 08:45:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 04:46:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/06/2014 03:19:33 PM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:29 PM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
Error: (02/06/2014 03:19:28 PM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{ab7efdae-e556-11e1-b550-e840f2cbd5f9}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: Q:\
Ausführungskontext: Coordinator
CodeIntegrity Errors:
===================================
Date: 2013-12-31 16:35:27.676
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-31 16:35:27.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-29 18:59:12.803
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 18:59:12.713
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 18:59:12.503
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 18:59:12.393
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-28 19:25:46.781
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-28 19:25:46.741
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-28 19:25:46.671
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-28 19:25:46.591
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 64%
Total physical RAM: 3764.36 MB
Available physical RAM: 1322.22 MB
Total Pagefile: 7526.9 MB
Available Pagefile: 4936.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:371.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: ACC1A0B8)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit