| kinosergio | 16.04.2014 20:38 |
Hier sind die Logs:
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-04-2014 02
Ran by Surfer (administrator) on ARBEITSZIMMER on 16-04-2014 21:32:39
Running from C:\Users\Bronson\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Dropbox, Inc.) C:\Users\Bronson\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\hsscp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corp.) C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Bing Bar] => C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NoIE4StubProcessing] - C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f [62464 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [BrowserChoice] - browserchoice.exe [293376 2010-02-11] (Microsoft Corporation)
HKLM\...\Runonce: [!BingBar] - "C:\Program Files\Microsoft\BingBar\7.1.361.0\MUExe\7.1.361.0\BingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ismu=2"
HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
Startup: C:\Users\Bronson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Surfer\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-07]
FF HKLM\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-07]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ []
========================== Services (Whitelisted) =================
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [944424 2014-01-15] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-01-15] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [555304 2014-01-15] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [238592 2011-03-09] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060864 2011-03-09] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [484352 2011-03-09] ()
==================== Drivers (Whitelisted) ====================
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-01-15] (AnchorFree Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-01-15] (Anchorfree Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-16 21:32 - 2014-04-16 21:32 - 00012200 _____ () C:\Users\Bronson\Desktop\FRST.txt
2014-04-16 21:32 - 2014-04-16 21:32 - 00000000 ____D () C:\FRST
2014-04-16 21:31 - 2014-04-16 21:31 - 01146880 _____ (Farbar) C:\Users\Bronson\Desktop\FRST.exe
2014-04-16 12:08 - 2014-04-16 12:08 - 00000000 __SHD () C:\Users\Bronson\AppData\Local\EmieUserList
2014-04-16 12:08 - 2014-04-16 12:08 - 00000000 __SHD () C:\Users\Bronson\AppData\Local\EmieSiteList
2014-04-15 14:02 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 14:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 14:02 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 14:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 14:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 14:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 14:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 14:02 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 14:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 14:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 14:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 14:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 14:02 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 14:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 14:02 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 14:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 14:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 14:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 14:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 14:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 14:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 14:02 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 14:02 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 14:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 14:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 14:02 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 20:41 - 2014-04-14 20:41 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 20:41 - 2014-04-14 20:41 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 20:40 - 2014-04-14 20:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-14 20:40 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 20:40 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-11 21:25 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-11 21:25 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-11 21:25 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-11 21:25 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-11 21:25 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-11 21:25 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-01 17:08 - 2014-04-01 17:09 - 00000000 ____D () C:\Users\Bronson\AppData\Local\Microsoft Help
2014-03-29 17:57 - 2014-03-29 17:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-25 11:58 - 2014-03-25 12:48 - 00000000 ____D () C:\Users\Bronson\AppData\Roaming\IrfanView
2014-03-25 11:57 - 2014-03-25 11:58 - 00000000 ____D () C:\ProgramData\IrfanView
2014-03-20 17:53 - 2014-03-20 17:53 - 00002278 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-03-20 17:53 - 2014-03-20 17:53 - 00001203 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-03-17 22:12 - 2014-03-17 22:12 - 00000000 ____D () C:\Users\Bronson\AppData\Local\Western Digital
2014-03-17 22:12 - 2014-03-17 22:12 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-17 22:11 - 2014-03-17 22:11 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-17 22:10 - 2014-03-17 22:10 - 00000000 ____D () C:\Users\Surfer\AppData\Local\Western Digital
==================== One Month Modified Files and Folders =======
2014-04-16 21:32 - 2014-04-16 21:32 - 00012200 _____ () C:\Users\Bronson\Desktop\FRST.txt
2014-04-16 21:32 - 2014-04-16 21:32 - 00000000 ____D () C:\FRST
2014-04-16 21:31 - 2014-04-16 21:31 - 01146880 _____ (Farbar) C:\Users\Bronson\Desktop\FRST.exe
2014-04-16 20:47 - 2013-11-21 16:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 20:43 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-16 20:42 - 2009-07-14 06:39 - 00048658 _____ () C:\Windows\setupact.log
2014-04-16 18:02 - 2013-11-05 16:59 - 01505621 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:11 - 2013-11-11 00:36 - 00000000 ____D () C:\Users\Bronson\AppData\Roaming\vlc
2014-04-16 13:06 - 2009-07-14 06:34 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 13:06 - 2009-07-14 06:34 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 12:58 - 2013-12-17 17:47 - 00000000 ___RD () C:\Users\Bronson\Dropbox
2014-04-16 12:58 - 2013-12-17 17:23 - 00000000 ____D () C:\Users\Bronson\AppData\Roaming\Dropbox
2014-04-16 12:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 12:08 - 2014-04-16 12:08 - 00000000 __SHD () C:\Users\Bronson\AppData\Local\EmieUserList
2014-04-16 12:08 - 2014-04-16 12:08 - 00000000 __SHD () C:\Users\Bronson\AppData\Local\EmieSiteList
2014-04-15 20:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-15 19:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-14 21:06 - 2010-11-21 02:38 - 00000000 ____D () C:\Windows\DigitalLocker
2014-04-14 21:06 - 2010-11-20 23:48 - 00063958 _____ () C:\Windows\PFRO.log
2014-04-14 20:41 - 2014-04-14 20:41 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 20:41 - 2014-04-14 20:41 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 20:41 - 2013-11-06 20:18 - 00000000 ____D () C:\Users\Surfer\AppData\Roaming\Malwarebytes
2014-04-14 20:41 - 2013-11-06 20:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 20:40 - 2014-04-14 20:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-14 20:38 - 2013-11-05 17:36 - 00069464 _____ () C:\Users\Surfer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:56 - 2013-11-21 16:13 - 00000000 ____D () C:\Users\Surfer\AppData\Local\Adobe
2014-04-14 11:56 - 2013-11-07 01:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-14 11:56 - 2013-11-07 01:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-11-07 15:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-14 11:01 - 2013-11-07 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-14 10:59 - 2013-11-07 00:22 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-03 15:26 - 2013-11-05 17:36 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 15:25 - 2013-11-05 17:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-03 09:51 - 2014-04-14 20:40 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 20:40 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-12-07 15:38 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 17:09 - 2014-04-01 17:08 - 00000000 ____D () C:\Users\Bronson\AppData\Local\Microsoft Help
2014-04-01 09:08 - 2009-07-14 06:33 - 00310912 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-31 20:33 - 2013-11-05 17:52 - 00069464 _____ () C:\Users\Bronson\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 16:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-30 09:32 - 2013-11-05 17:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 17:58 - 2014-03-29 17:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 01:30 - 2013-11-05 18:05 - 00000000 ____D () C:\Users\Bronson\AppData\Local\Microsoft Games
2014-03-26 00:00 - 2013-12-01 13:19 - 00000000 ____D () C:\Users\Bronson\Documents\Eigene Scans
2014-03-25 12:48 - 2014-03-25 11:58 - 00000000 ____D () C:\Users\Bronson\AppData\Roaming\IrfanView
2014-03-25 11:58 - 2014-03-25 11:57 - 00000000 ____D () C:\ProgramData\IrfanView
2014-03-21 15:41 - 2014-03-11 10:58 - 00000000 ____D () C:\Users\Bronson\Documents\DVDVideoSoft
2014-03-21 15:41 - 2014-03-11 10:58 - 00000000 ____D () C:\Users\Bronson\AppData\Roaming\DVDVideoSoft
2014-03-20 17:53 - 2014-03-20 17:53 - 00002278 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-03-20 17:53 - 2014-03-20 17:53 - 00001203 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-03-20 17:53 - 2014-03-11 10:57 - 00000000 ____D () C:\Users\Surfer\AppData\Roaming\DVDVideoSoft
2014-03-20 17:53 - 2014-03-11 10:57 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-03-20 17:52 - 2014-03-11 10:57 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-17 22:12 - 2014-03-17 22:12 - 00000000 ____D () C:\Users\Bronson\AppData\Local\Western Digital
2014-03-17 22:12 - 2014-03-17 22:12 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-17 22:11 - 2014-03-17 22:11 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-17 22:10 - 2014-03-17 22:10 - 00000000 ____D () C:\Users\Surfer\AppData\Local\Western Digital
Some content of TEMP:
====================
C:\Users\Bronson\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Surfer\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Surfer\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\Surfer\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-11 22:00
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-04-2014 02
Ran by Surfer at 2014-04-16 21:33:12
Running from C:\Users\Bronson\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AWIN NotenBox 7 (HKLM\...\NotenBox7_is1) (Version: 7 - AWIN Software)
Bing Bar (HKLM\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (Version: 5.0.1449.0 - Microsoft Corporation) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (Version: 140.0.100.000 - Hewlett-Packard) Hidden
DriverTuner 3.1.0.1 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
Eraser 6.0.10.2620 (HKLM\...\{A45C5EC7-F13E-4414-99BE-47373935C0FE}) (Version: 6.0.2620 - The Eraser Project)
Fax (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.2.29.303 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.29.303 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.30.319 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.30.319 - DVDVideoSoft Ltd.)
GPBaseService2 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hotspot Shield 3.32 (HKLM\...\HotspotShield) (Version: 3.32 - AnchorFree Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Default Manager (Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 3.0.126.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PhotoFiltre (HKLM\...\PhotoFiltre) (Version: - )
ProductContext (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Scan (Version: 140.0.167.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WD SmartWare (HKLM\...\{BC3804E5-77CC-47A0-8BD5-797355A26BA3}) (Version: 1.4.5.5 - Western Digital)
WebReg (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WINZD 2013-08 Rev. 2 (HKLM\...\WINZD_is1) (Version: - R. Aquila, F. Ostermeier)
==================== Restore Points =========================
29-03-2014 15:18:43 Windows Update
30-03-2014 21:05:55 Windows-Sicherung
02-04-2014 15:37:46 Windows Update
03-04-2014 13:25:14 Windows Update
06-04-2014 17:21:56 Windows-Sicherung
11-04-2014 19:30:05 Windows Update
14-04-2014 08:57:25 Windows Update
14-04-2014 09:03:49 Windows-Sicherung
15-04-2014 12:02:01 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {80AA8E9A-6DBB-49AB-8FD9-291A11D8F253} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {ECA6576B-24A2-4FD5-88E4-DB028AA2E001} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-01-15 01:23 - 2014-01-15 01:23 - 00937768 _____ () C:\Program Files\Hotspot Shield\bin\af_proxy.dll
2014-01-15 01:30 - 2014-01-15 01:30 - 00514344 _____ () C:\Program Files\Hotspot Shield\bin\HssRep.dll
2014-01-15 01:29 - 2014-01-15 01:29 - 00555304 _____ () C:\Program Files\Hotspot Shield\bin\hsswd.exe
2011-03-09 12:18 - 2011-03-09 12:18 - 01060864 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2011-03-09 12:29 - 2011-03-09 12:29 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
2011-03-09 12:16 - 2011-03-09 12:16 - 00484352 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Bronson\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-29 17:57 - 2014-03-29 17:57 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-14 11:56 - 2014-04-14 11:56 - 16351920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/16/2014 08:52:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/16/2014 00:58:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/16/2014 00:53:36 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17041 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 82c
Startzeit: 01cf595e937c00a8
Endzeit: 60000
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (04/16/2014 00:03:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/15/2014 08:46:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/15/2014 07:41:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/15/2014 10:45:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2014 09:08:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2014 03:46:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/14/2014 11:41:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/16/2014 08:50:57 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (04/16/2014 06:02:13 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (04/16/2014 06:02:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (04/16/2014 03:24:42 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (04/16/2014 00:58:36 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/16/2014 00:55:25 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (04/16/2014 00:02:50 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/15/2014 07:41:48 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/15/2014 10:45:20 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/14/2014 09:08:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-12-07 17:37:45.087
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:45.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:44.931
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:40.485
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:40.407
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:40.345
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:09.550
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:09.472
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:37:09.394
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 17:35:51.051
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\Backup\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb_bcrypt.dll_e2f091ac" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 56%
Total physical RAM: 2046.49 MB
Available physical RAM: 883.97 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 2638.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.49 MB
==================== Drives ================================
Drive a: (OS) (Fixed) (Total:222.78 GB) (Free:107.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive c: (Volume) (Fixed) (Total:97.66 GB) (Free:71.34 GB) NTFS
Drive d: (Volume) (Fixed) (Total:390.62 GB) (Free:329.61 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.35 GB) NTFS
Drive f: (Kindle) (Removable) (Total:3.05 GB) (Free:3 GB) FAT32
Drive j: (My Book) (Fixed) (Total:1862.98 GB) (Free:1123.04 GB) NTFS
Drive v: (Volume) (Fixed) (Total:443.23 GB) (Free:25.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 50000000)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=223 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 33491025)
Partition 1: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=391 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS)
========================================================
Disk: 7 (Size: 3 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
