Sabine73

Member
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Sabine73

  • Rank
    Member

Profile Information

  • Gender
    Not Telling
  1. Hallo Kathrin, mein Netzwerk ist "PRIVAT". Also war es die ganze Zeit. Leider geht es nicht. Woran kann es sonst noch liegen. Wenn wir Emsisoft "deaktivieren" dann ist die Netzwerkverbindung da. Sabine
  2. Guten Abend, bisher hatte ich keine Probleme. Wir haben jetzt seit neuestem einen NAS-Server, darauf liegen all unsere Fotos. Man kann von jedem Rechner im Haus darauf zugreifen. Bloß der Rechner, auf dem Emsisoft läuft ist das nicht möglich. Emsisoft blockiert den Zugriff auf die Netzwerkgeräte. Wir wollte diese jetzt freigeben, aber wir kommen gar nicht auf "\\NAS" drauf. Also das Laufwerk wird uns unter Netzwerk gar nicht angezeigt. Wo kann man das einstellen, Sollte ja möglich sein Hier Informationen zum Rechner Vielen Dank für Ihre Hilfe
  3. Alles toll - keine Meldungen mehr. Komisch verhalten hat sich der Rechner ja nicht. Ist mir ja nur beim Scan aufgefallen.
  4. Hallo, sorry, dass ich mich erst heute melde. Scan mit Emsisoft ist ohne Befund.
  5. Hallo, alles erledigt. anbei die gewünschten Dateien: FRST.txt AdwCleanerC1.txt Addition.txt
  6. Danke für den netten Empfang. Hier die gewünschten Dateien: FRST.txt Addition.txt
  7. Guten Abend, heute habe ich beim scannen einen Fund - kein Risiko steht dahinter - möchte ihn aber gerne löschen bzw. in die Quarantäne verschieben. Leider geht das nicht. Können Sie mir dabei behilflich sein?? vielen Dank Hier die gewünschten Dateien: Extras.Txt OTL.Txt scan_151013-184139.txt
  8. Sabine73

    Nation Zoom

    So, da bin ich wieder, habe endlich die Zeit gefunden "aufzuräumen". Ich habe alles wie beschrieben getan, und ich denke alles ist gut. Vielen Dank noch mal Sabine
  9. Sabine73

    Nation Zoom

    Hallo nochmal, ja der Rechner funktioniert wieder einwandfrei. Besser als vorher. Vielen lieben Dank nochmal für die Hilfe. Eine Frage hab ich noch. Die ganzen Tools die wir benutzt haben, bleiben die am Rechner oder sollte ich die löschen?? Und warum findet die Emsisoft -Malware Software diese fiesen Dinge nicht?? Schönen Abend noch und hoffentlich benötige ich Ihre Hilfe nicht so schnell wieder. Sabine
  10. Sabine73

    Nation Zoom

    Guten Morgen, Also ich konnte es nirgends finden. Hab den komplette PC nach Outlook durchsucht. Blöd dachte ich mir. Mein Mann war leicht angesäuert. Hab's dann mit der Office cd installiert und im Programmeordner gefunden. Doppelklick darauf um wieder alles einzustellen, aber es war noch alles da. Die Postfächer, Kontakte alles.
  11. Sabine73

    Nation Zoom

    Hallo, Mozilla hab ich gelöscht und neu installiert. Von Nation Zoom keine Spur mehr. Fixlog hänge ich an. Bei der ganzen Aktion ist mir mein Qutlook verloren gegangen!? Ansonsten siehts glaube ich gut aus.
  12. Sabine73

    Nation Zoom

    Guten Morgen, habe alle Anweisungen befolgt. Im IE und Google Chrome erscheint Nation Zoom nicht mehr - leider aber immer noch im Mozilla. Die Scanergebnisse versuche ich anzuhängen. Ich hoffe das klappt Danke Sabine
  13. Sabine73

    Nation Zoom

    HIer die Ergebnisse des Scans: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01 Ran by ADMIN (administrator) on PC on 14-12-2013 17:39:46 Running from C:\Users\ADMIN\Desktop Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Program Files (x86)\Polar\Daemon\polard.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\Polar\WebSync\WebSync.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe (Visicom Media Inc.) C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe () C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [beatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [37888 2012-08-10] (Hewlett-Packard ) HKLM\...\Run: [WrtMon.exe] - C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.) HKLM\...\Run: [@OnlineArmor GUI] - C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH) HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom) HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe [116632 2010-07-29] (NewSoft Technology Corporation) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [Anti-phishing Domain Advisor] - C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [235072 2013-05-31] (Visicom Media Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH) AppInit_DLLs: [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPDSK13/4 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1386860198&from=tugs&uid=HitachiXHDS723020BLA642_MN1240FA00WRWD00WRWDX&q={searchTerms} SearchScopes: HKLM - {5C066E4E-BF62-492A-99B2-2FE1F400FF94} URL = http://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=58e6af27-ddaa-26e6-2635-a825e1dc31df&searchtype=ds&q={searchTerms}&installDate=26/08/2013 SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\hprg8g14.default FF user.js: detected! => C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\hprg8g14.default\user.js FF DefaultSearchEngine: nationzoom FF SearchEngineOrder.1: metaCrawler FF SelectedSearchEngine: nationzoom FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\testlog.txt FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahootc.xml FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\[email protected] FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchKeyword: google.de CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding} CHR Extension: (Docs) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Plus-HD-1.3) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.113_0 CHR Extension: (Google Wallet) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\hp\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx ==================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH) R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] () S2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-19] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH) S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R1 OADevice; C:\WINDOWS\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] () R1 oahlpXX; C:\WINDOWS\syswow64\drivers\oahlp64.sys [62008 2013-10-11] () R1 OAmon; C:\WINDOWS\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft) R3 OAnet; C:\Windows\system32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R4 EsgScanner; system32\DRIVERS\EsgScanner.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-14 17:39 - 2013-12-14 17:39 - 00021869 _____ C:\Users\ADMIN\Desktop\FRST.txt 2013-12-14 17:39 - 2013-12-14 17:39 - 00000000 ____D C:\FRST 2013-12-14 17:38 - 2013-12-14 17:38 - 01927796 _____ (Farbar) C:\Users\ADMIN\Downloads\FRST64 (1).exe 2013-12-14 17:37 - 2013-12-14 17:37 - 01927796 _____ (Farbar) C:\Users\ADMIN\Desktop\FRST64.exe 2013-12-14 17:36 - 2013-12-14 17:37 - 01927796 _____ (Farbar) C:\Users\ADMIN\Downloads\FRST64.exe 2013-12-14 10:46 - 2013-12-14 10:46 - 00003314 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup 2013-12-13 16:11 - 2013-12-13 16:15 - 00000000 ____D C:\Program Files (x86)\Online Armor 2013-12-13 16:11 - 2013-12-13 16:12 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\OnlineArmor 2013-12-13 16:11 - 2013-12-13 16:12 - 00000000 ____D C:\ProgramData\OnlineArmor 2013-12-13 16:11 - 2013-10-11 03:41 - 00062008 _____ C:\WINDOWS\SysWOW64\Drivers\oahlp64.sys 2013-12-13 16:11 - 2013-10-11 03:40 - 00064720 _____ C:\WINDOWS\SysWOW64\Drivers\OADriver.sys 2013-12-13 16:11 - 2013-10-11 03:40 - 00052360 _____ (Emsisoft) C:\WINDOWS\SysWOW64\Drivers\OAmon.sys 2013-12-13 16:11 - 2013-10-11 03:40 - 00035368 _____ (Emsisoft) C:\WINDOWS\system32\Drivers\OAnet.sys 2013-12-13 16:10 - 2013-12-13 16:10 - 10696960 _____ (Emsisoft GmbH ) C:\Users\ADMIN\Downloads\OnlineArmorSetup.exe 2013-12-13 16:02 - 2013-12-13 16:02 - 00001109 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2013-12-13 16:01 - 2013-12-14 17:26 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2013-12-13 16:01 - 2013-12-13 16:01 - 00000000 ____D C:\Users\ADMIN\Documents\Anti-Malware 2013-12-13 15:51 - 2013-12-13 15:57 - 231302192 _____ (Emsisoft GmbH ) C:\Users\ADMIN\Downloads\EmsisoftAntiMalwareSetup.exe 2013-12-13 15:43 - 2013-12-13 15:43 - 00000000 ____D C:\Users\ADMIN\AppData\Local\toolbarcleaner 2013-12-13 07:35 - 2013-12-13 07:35 - 01214896 _____ (Visicom Media Inc.) C:\Users\ADMIN\Downloads\toolbarcleaner_setup.exe 2013-12-13 07:35 - 2013-12-13 07:35 - 00001104 _____ C:\Users\ADMIN\Desktop\Toolbar Cleaner.lnk 2013-12-13 07:35 - 2013-12-13 07:35 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner 2013-12-12 21:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-12-12 21:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-12-12 21:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-12-12 21:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-12-12 21:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-12-12 21:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-12-12 21:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-12-12 21:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-12-12 21:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-12-12 21:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-12-12 21:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-12-12 21:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-12-12 21:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-12-12 21:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2013-12-12 21:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2013-12-12 21:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-12-12 21:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-12-12 21:39 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-12-12 21:39 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2013-12-12 21:39 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-12-12 21:39 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-12-12 21:39 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2013-12-12 21:39 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2013-12-12 21:39 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2013-12-12 21:39 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-12-12 21:39 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2013-12-12 21:39 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2013-12-12 21:39 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2013-12-12 21:39 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2013-12-12 19:34 - 2013-12-12 19:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ADMIN\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-12 19:34 - 2013-12-12 19:34 - 00001127 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\Malwarebytes 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-12 19:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-12-12 17:13 - 2013-12-12 17:13 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-12-12 17:13 - 2013-12-12 17:13 - 00000000 _____ C:\autoexec.bat 2013-12-12 17:12 - 2013-12-14 12:01 - 00000000 ____D C:\WINDOWS\72AAF4551E54475BB0AB5413C78D0E63.TMP 2013-12-12 15:57 - 2013-12-12 16:25 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 2013-12-12 15:56 - 2013-12-12 17:16 - 00000000 ____D C:\Program Files (x86)\Re-markit 2013-12-12 15:56 - 2013-12-12 16:28 - 00000000 ____D C:\ProgramData\WPM 2013-12-09 21:49 - 2013-12-11 19:46 - 00012192 _____ C:\Users\ADMIN\Desktop\Busplan ab 16.12.2013.xlsx 2013-12-09 21:49 - 2013-12-09 21:49 - 00011804 _____ C:\Users\ADMIN\Documents\Busplan ab 16.12.2013.xlsx 2013-12-03 20:00 - 2013-12-03 20:00 - 00000000 ____D C:\Users\ADMIN\AppData\Local\Cyberlink 2013-12-03 17:35 - 2013-12-03 17:35 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\WebApp 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\Documents\CyberLink 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\NVIDIA 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\CyberLink 2013-11-30 11:21 - 2013-11-30 11:21 - 00009728 ___SH C:\Users\Jonas\Downloads\Thumbs.db 2013-11-30 10:43 - 2013-11-30 10:54 - 429727279 _____ C:\Users\Jonas\Downloads\HAUPTFILM - Imagefilm der Freiwilligen Feuerwehr Stadt Jever 2012.mp4 2013-11-25 20:15 - 2013-11-25 20:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-25 18:55 - 2013-11-25 19:16 - 00000000 ____D C:\Users\ADMIN\Desktop\SharePod_3.99 2013-11-25 18:55 - 2013-11-25 18:55 - 02140631 _____ C:\Users\ADMIN\Desktop\SharePod_3.99.zip 2013-11-22 20:10 - 2013-11-22 20:10 - 00000000 ____D C:\Users\Jonas\AppData\Local\Google 2013-11-22 20:02 - 2013-11-22 20:02 - 00005938 _____ C:\Users\Jonas\Desktop\Silena.odt 2013-11-22 19:05 - 2013-11-22 19:05 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple 2013-11-22 18:59 - 2013-11-22 18:59 - 1698913557 _____ C:\WINDOWS\MEMORY.DMP 2013-11-22 18:59 - 2013-11-22 18:59 - 00300440 _____ C:\WINDOWS\Minidump\112213-30171-01.dmp 2013-11-22 18:59 - 2013-11-22 18:59 - 00000000 ____D C:\WINDOWS\Minidump 2013-11-22 18:52 - 2013-11-22 18:52 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple Computer 2013-11-19 20:05 - 2013-11-19 20:20 - 562335264 _____ C:\Users\ADMIN\Downloads\WISOSteuersoftware2014.exe 2013-11-17 14:38 - 2013-11-17 14:38 - 00001797 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files\iTunes 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files\iPod 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-16 08:46 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-16 08:46 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-16 08:46 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-16 08:46 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-16 08:46 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-16 08:46 - 2013-11-05 15:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-16 08:46 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-16 08:46 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-16 08:46 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-16 08:46 - 2013-10-23 06:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-16 08:46 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-16 08:46 - 2013-10-23 05:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-16 08:46 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-16 08:46 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-16 08:46 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-16 08:46 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-16 08:46 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-16 08:46 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-16 08:46 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-16 08:46 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-16 08:46 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-16 08:46 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-16 08:46 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-16 08:46 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-16 08:46 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-16 08:46 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-16 08:46 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-16 08:46 - 2013-10-19 10:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-16 08:46 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-16 08:46 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-16 08:46 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-16 08:46 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-16 08:46 - 2013-10-19 04:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-16 08:46 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-16 08:46 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-16 08:46 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-16 08:46 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-16 08:46 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-16 08:46 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-16 08:46 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-16 08:46 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-16 08:46 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-16 08:46 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-16 08:46 - 2013-10-11 16:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-16 08:46 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-16 08:46 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-16 08:46 - 2013-10-11 14:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-16 08:46 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-16 08:46 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-16 08:46 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-16 08:46 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-16 08:46 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-16 08:46 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-16 08:46 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-16 08:46 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-16 08:46 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-16 08:46 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-16 08:46 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-16 08:46 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-16 08:46 - 2013-10-10 11:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-16 08:46 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-16 08:46 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-16 08:46 - 2013-10-10 11:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-16 08:46 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-16 08:46 - 2013-10-08 12:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-16 08:46 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-16 08:46 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-16 08:46 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-16 08:46 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-16 08:46 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-16 08:46 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-16 08:46 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-16 08:46 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-16 08:46 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-16 08:46 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-16 08:46 - 2013-10-07 08:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-16 08:46 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-16 08:46 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-16 08:46 - 2013-10-05 16:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-16 08:46 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-16 08:46 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-16 08:46 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-16 08:46 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-16 08:46 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-16 08:46 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-16 08:46 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-16 08:46 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-16 08:46 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-16 08:46 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-16 08:46 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-16 08:46 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-16 08:46 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-16 08:46 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-16 08:46 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-16 08:46 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-16 08:46 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-16 08:46 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-16 08:46 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-16 08:46 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-16 08:46 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-16 08:46 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-16 08:46 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-16 08:46 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-16 08:46 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-16 08:46 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-16 08:46 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-16 08:46 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-16 08:46 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-16 08:46 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-16 08:46 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-16 08:46 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-16 08:46 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-16 08:46 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-16 08:46 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-16 08:46 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-16 08:46 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-16 08:46 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-16 08:46 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-16 08:46 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-16 08:46 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-16 08:46 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-16 08:46 - 2013-09-11 13:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-16 08:46 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-16 08:46 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-16 08:46 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-16 08:35 - 2013-12-13 15:38 - 00077982 _____ C:\WINDOWS\PFRO.log 2013-11-15 16:07 - 2013-11-22 20:10 - 00002273 _____ C:\Users\Jonas\Desktop\Google Chrome.lnk ==================== One Month Modified Files and Folders ======= 2013-12-14 17:39 - 2013-12-14 17:39 - 00021869 _____ C:\Users\ADMIN\Desktop\FRST.txt 2013-12-14 17:39 - 2013-12-14 17:39 - 00000000 ____D C:\FRST 2013-12-14 17:38 - 2013-12-14 17:38 - 01927796 _____ (Farbar) C:\Users\ADMIN\Downloads\FRST64 (1).exe 2013-12-14 17:37 - 2013-12-14 17:37 - 01927796 _____ (Farbar) C:\Users\ADMIN\Desktop\FRST64.exe 2013-12-14 17:37 - 2013-12-14 17:36 - 01927796 _____ (Farbar) C:\Users\ADMIN\Downloads\FRST64.exe 2013-12-14 17:30 - 2013-10-20 10:03 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\ClassicShell 2013-12-14 17:26 - 2013-12-13 16:01 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2013-12-14 17:03 - 2013-01-05 16:32 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-14 17:02 - 2013-10-22 06:11 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-14 17:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-12-14 16:52 - 2013-10-20 10:07 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2824886842-1903998303-2860717336-1011 2013-12-14 16:45 - 2013-11-12 13:46 - 01542962 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-14 16:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2013-12-14 15:34 - 2013-01-05 17:13 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-14 15:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-12-14 12:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2013-12-14 12:01 - 2013-12-12 17:12 - 00000000 ____D C:\WINDOWS\72AAF4551E54475BB0AB5413C78D0E63.TMP 2013-12-14 11:56 - 2012-11-01 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-12-14 11:55 - 2012-07-26 06:26 - 00000111 _____ C:\WINDOWS\win.ini 2013-12-14 10:46 - 2013-12-14 10:46 - 00003314 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup 2013-12-14 10:33 - 2013-10-20 10:08 - 00000000 ____D C:\Users\ADMIN\Documents\WISO Mein Geld 2013-12-14 10:00 - 2013-10-25 12:14 - 00029291 _____ C:\Users\ADMIN\Sti_Trace.log 2013-12-14 10:00 - 2013-10-19 14:51 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\.oit 2013-12-14 10:00 - 2013-01-05 16:32 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-13 18:46 - 2013-08-30 08:50 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner 2013-12-13 18:19 - 2013-10-31 13:58 - 00000000 ____D C:\Users\ADMIN\AppData\Local\PasswordSafe 2013-12-13 16:15 - 2013-12-13 16:11 - 00000000 ____D C:\Program Files (x86)\Online Armor 2013-12-13 16:12 - 2013-12-13 16:11 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\OnlineArmor 2013-12-13 16:12 - 2013-12-13 16:11 - 00000000 ____D C:\ProgramData\OnlineArmor 2013-12-13 16:10 - 2013-12-13 16:10 - 10696960 _____ (Emsisoft GmbH ) C:\Users\ADMIN\Downloads\OnlineArmorSetup.exe 2013-12-13 16:02 - 2013-12-13 16:02 - 00001109 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2013-12-13 16:01 - 2013-12-13 16:01 - 00000000 ____D C:\Users\ADMIN\Documents\Anti-Malware 2013-12-13 15:57 - 2013-12-13 15:51 - 231302192 _____ (Emsisoft GmbH ) C:\Users\ADMIN\Downloads\EmsisoftAntiMalwareSetup.exe 2013-12-13 15:43 - 2013-12-13 15:43 - 00000000 ____D C:\Users\ADMIN\AppData\Local\toolbarcleaner 2013-12-13 15:38 - 2013-11-16 08:35 - 00077982 _____ C:\WINDOWS\PFRO.log 2013-12-13 15:38 - 2013-08-30 08:50 - 00000000 ____D C:\ProgramData\Anti-phishing Domain Advisor 2013-12-13 15:38 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-13 15:38 - 2013-08-22 15:44 - 00430376 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-13 15:37 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2013-12-13 15:36 - 2013-11-11 19:30 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\DigitalSite 2013-12-13 15:36 - 2013-09-14 09:14 - 00000000 ____D C:\ProgramData\BitGuard 2013-12-13 15:36 - 2013-01-05 20:52 - 00000000 ____D C:\Program Files (x86)\SweetIM 2013-12-13 14:52 - 2013-11-13 16:41 - 00002273 _____ C:\Users\ADMIN\Desktop\Google Chrome.lnk 2013-12-13 13:39 - 2013-10-20 10:11 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845F5C89-0D5B-4D13-82C1-9DB328CAFE6E} 2013-12-13 07:35 - 2013-12-13 07:35 - 01214896 _____ (Visicom Media Inc.) C:\Users\ADMIN\Downloads\toolbarcleaner_setup.exe 2013-12-13 07:35 - 2013-12-13 07:35 - 00001104 _____ C:\Users\ADMIN\Desktop\Toolbar Cleaner.lnk 2013-12-13 07:35 - 2013-12-13 07:35 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner 2013-12-12 19:44 - 2013-09-30 05:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-12 19:44 - 2013-09-30 04:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2013-12-12 19:44 - 2013-09-30 04:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2013-12-12 19:34 - 2013-12-12 19:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ADMIN\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-12 19:34 - 2013-12-12 19:34 - 00001127 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\Malwarebytes 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-12 19:34 - 2013-12-12 19:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-12 17:16 - 2013-12-12 15:56 - 00000000 ____D C:\Program Files (x86)\Re-markit 2013-12-12 17:16 - 2013-10-22 06:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-12 17:13 - 2013-12-12 17:13 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-12-12 17:13 - 2013-12-12 17:13 - 00000000 _____ C:\autoexec.bat 2013-12-12 16:28 - 2013-12-12 15:56 - 00000000 ____D C:\ProgramData\WPM 2013-12-12 16:25 - 2013-12-12 15:57 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 2013-12-12 16:24 - 2013-11-11 19:32 - 00000000 ____D C:\Program Files (x86)\MyPC Backup 2013-12-12 16:24 - 2013-10-19 14:51 - 00000000 ___RD C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-12 15:56 - 2013-10-22 06:07 - 00001383 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-12 15:56 - 2013-10-19 14:51 - 00001686 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-11 19:46 - 2013-12-09 21:49 - 00012192 _____ C:\Users\ADMIN\Desktop\Busplan ab 16.12.2013.xlsx 2013-12-11 07:02 - 2013-10-22 06:11 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-12-09 21:49 - 2013-12-09 21:49 - 00011804 _____ C:\Users\ADMIN\Documents\Busplan ab 16.12.2013.xlsx 2013-12-06 22:21 - 2013-10-20 12:42 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\ClassicShell 2013-12-06 21:59 - 2013-10-22 14:34 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2824886842-1903998303-2860717336-1012 2013-12-06 21:49 - 2013-10-28 12:37 - 00005123 _____ C:\Users\Jonas\Sti_Trace.log 2013-12-06 21:49 - 2013-10-20 12:40 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\.oit 2013-12-06 21:48 - 2013-11-12 17:15 - 00006444 _____ C:\WINDOWS\setupact.log 2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-03 20:00 - 2013-12-03 20:00 - 00000000 ____D C:\Users\ADMIN\AppData\Local\Cyberlink 2013-12-03 19:58 - 2013-01-05 16:32 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-03 19:58 - 2013-01-05 16:32 - 00003844 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-03 17:35 - 2013-12-03 17:35 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\WebApp 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\Documents\CyberLink 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\NVIDIA 2013-12-03 17:31 - 2013-12-03 17:31 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\CyberLink 2013-11-30 11:21 - 2013-11-30 11:21 - 00009728 ___SH C:\Users\Jonas\Downloads\Thumbs.db 2013-11-30 10:54 - 2013-11-30 10:43 - 429727279 _____ C:\Users\Jonas\Downloads\HAUPTFILM - Imagefilm der Freiwilligen Feuerwehr Stadt Jever 2012.mp4 2013-11-26 12:54 - 2013-12-12 21:39 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 11:11 - 2013-12-12 21:39 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:41 - 2013-12-12 21:39 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 09:57 - 2013-12-12 21:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 09:38 - 2013-12-12 21:39 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 09:35 - 2013-12-12 21:39 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 09:16 - 2013-12-12 21:39 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 09:02 - 2013-12-12 21:39 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 08:48 - 2013-12-12 21:39 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 08:32 - 2013-12-12 21:39 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 08:26 - 2013-12-12 21:39 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 08:07 - 2013-12-12 21:39 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 07:40 - 2013-12-12 21:39 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 07:34 - 2013-12-12 21:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2013-11-26 07:34 - 2013-12-12 21:39 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2013-11-26 07:33 - 2013-12-12 21:39 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 07:27 - 2013-12-12 21:39 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-25 20:15 - 2013-11-25 20:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-25 19:16 - 2013-11-25 18:55 - 00000000 ____D C:\Users\ADMIN\Desktop\SharePod_3.99 2013-11-25 18:55 - 2013-11-25 18:55 - 02140631 _____ C:\Users\ADMIN\Desktop\SharePod_3.99.zip 2013-11-24 12:04 - 2013-10-20 10:53 - 00000000 ____D C:\Users\ADMIN\Documents\JOHANNES 2013-11-23 05:34 - 2013-12-12 21:39 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-11-23 05:13 - 2013-12-12 21:39 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2013-11-23 04:32 - 2013-12-12 21:39 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-23 04:10 - 2013-12-12 21:39 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-11-22 20:35 - 2013-10-20 12:37 - 00000000 ____D C:\Users\Jonas 2013-11-22 20:10 - 2013-11-22 20:10 - 00000000 ____D C:\Users\Jonas\AppData\Local\Google 2013-11-22 20:10 - 2013-11-15 16:07 - 00002273 _____ C:\Users\Jonas\Desktop\Google Chrome.lnk 2013-11-22 20:02 - 2013-11-22 20:02 - 00005938 _____ C:\Users\Jonas\Desktop\Silena.odt 2013-11-22 19:31 - 2013-10-20 12:40 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Apple Computer 2013-11-22 19:23 - 2013-10-19 14:50 - 00000000 ____D C:\Users\ADMIN 2013-11-22 19:05 - 2013-11-22 19:05 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple 2013-11-22 19:03 - 2013-10-22 14:51 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{012F7537-F055-4139-AA14-E9571EDAD020} 2013-11-22 18:59 - 2013-11-22 18:59 - 1698913557 _____ C:\WINDOWS\MEMORY.DMP 2013-11-22 18:59 - 2013-11-22 18:59 - 00300440 _____ C:\WINDOWS\Minidump\112213-30171-01.dmp 2013-11-22 18:59 - 2013-11-22 18:59 - 00000000 ____D C:\WINDOWS\Minidump 2013-11-22 18:58 - 2012-11-01 22:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-22 18:52 - 2013-11-22 18:52 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple Computer 2013-11-19 20:25 - 2013-01-06 11:48 - 00000672 _____ C:\WINDOWS\wiso.ini 2013-11-19 20:24 - 2013-01-06 11:46 - 00000000 ____D C:\Program Files (x86)\WISO 2013-11-19 20:20 - 2013-11-19 20:05 - 562335264 _____ C:\Users\ADMIN\Downloads\WISOSteuersoftware2014.exe 2013-11-19 19:12 - 2013-10-22 06:59 - 00000000 ____D C:\Program Files\McAfee Security Scan 2013-11-19 19:12 - 2013-10-22 06:11 - 00001949 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2013-11-19 11:30 - 2013-01-06 21:52 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2013-11-18 18:00 - 2013-10-20 12:37 - 00000000 ___RD C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-11-18 17:59 - 2013-10-20 12:38 - 00000000 ___RD C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-18 17:59 - 2013-10-20 12:38 - 00000000 ___RD C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-17 20:29 - 2013-10-31 13:58 - 00000000 ____D C:\Users\ADMIN\Documents\My Safes 2013-11-17 14:38 - 2013-11-17 14:38 - 00001797 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files\iTunes 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files\iPod 2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-17 14:02 - 2013-10-19 14:51 - 00000000 ___RD C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-17 14:00 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-11-17 14:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-11-17 14:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-11-17 14:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-11-16 08:42 - 2013-10-19 14:51 - 00000000 ____D C:\Users\ADMIN\AppData\Roaming\Apple Computer Some content of TEMP: ==================== C:\Users\ADMIN\AppData\Local\Temp\39736uninstall.exe C:\Users\ADMIN\AppData\Local\Temp\BackupSetup.exe C:\Users\ADMIN\AppData\Local\Temp\ose00000.exe C:\Users\ADMIN\AppData\Local\Temp\SHSetup.exe C:\Users\ADMIN\AppData\Local\Temp\Sqlite3.dll C:\Users\ADMIN\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-13 18:01 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01 Ran by ADMIN at 2013-12-14 17:40:09 Running from C:\Users\ADMIN\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2. Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) AIO_CDA_ProductContext (x32 Version: 140.0.425.000) AIO_CDA_Software (x32 Version: 140.0.428.000) AIO_Scan (x32 Version: 130.0.421.000) Anleitung für Epson Connect (x32) Anti-phishing Domain Advisor (x32 Version: 1.0.1.106) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Belarc Advisor 8.3 (x32 Version: 8.3.2.0) Bing Bar (x32 Version: 7.2.241.0) Bonjour (Version: 3.0.0.10) BTUpdater 1.3 (x32) BufferChm (x32 Version: 140.0.298.000) C7100 (x32 Version: 140.0.425.000) c7100_Help (x32 Version: 82.0.256.000) CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.2.11) Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9) Canon MOV Decoder (x32 Version: 1.5.0.7) Canon MOV Encoder (x32 Version: 1.3.1.3) Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.4.1.9) Canon Utilities Digital Photo Professional 3.8 (x32 Version: 3.8.0.0) Canon Utilities EOS Utility (x32 Version: 2.8.1.0) Canon Utilities PhotoStitch (x32 Version: 3.1.22.46) Canon Utilities Picture Style Editor (x32 Version: 1.7.0.0) Canon Utilities WFT Utility (x32 Version: 3.5.1.1) Canon Utilities ZoomBrowser EX (x32 Version: 6.5.1.15) Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.3.0.4) CCleaner (Version: 4.06) CDBurnerXP (x32 Version: 4.5.2.4214) Classic Shell (Version: 4.0.0) Connected Music powered by Universal Music Group version 1.0 (x32 Version: 1.0) Copy (x32 Version: 140.0.298.000) CyberLink LabelPrint (x32 Version: 2.5.1.5510) CyberLink Media Suite 10 (x32 Version: 10.0.1.1916) CyberLink PhotoDirector (x32 Version: 2.0.1.3109) CyberLink Power2Go 8 (x32 Version: 8.0.1.1902) CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925) CyberLink PowerDVD (x32 Version: 10.0.1.4319) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Destinations (x32 Version: 140.0.253.000) DeviceDiscovery (x32 Version: 140.0.298.000) Die Siedler II - Die nächste Generation (x32) Diktattrainer plus 5-6 (x32) DocProc (x32 Version: 140.0.185.000) DomaIQ Uninstaller (x32) Download Navigator (x32 Version: 3.4.1) Druckerdeinstallation für EPSON WF-3540 Series Emsisoft Anti-Malware (x32 Version: 8.1) EnBW StromRadar (x32 Version: 2.2.4.1) Epson Benutzerhandbuch WF-3540 Series (x32) Epson Connect Printer Setup (x32 Version: 1.1.1) Epson Easy Photo Print 2 (x32 Version: 2.4.0.0) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000) Epson Event Manager (x32 Version: 3.01.0005) Epson E-Web Print (x32 Version: 1.17.0000) Epson FAX Utility (x32 Version: 1.30.00) Epson Netzwerkhandbuch WF-3540 Series (x32) EPSON Printer Finder (x32 Version: 1.0.0) EPSON Scan (x32) EpsonNet Print (x32 Version: 2.5.00) ExpressCache (Version: 1.0.86) Fax (x32 Version: 140.0.307.000) Fotogalerie (x32 Version: 16.4.3505.0912) Google Chrome (x32 Version: 31.0.1650.63) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320) Google Update Helper (x32 Version: 1.3.22.3) GPBaseService2 (x32 Version: 140.0.297.000) HP Connected Music (Meridian - installer) (x32 Version: v1.0) HP Connected Remote (x32 Version: 1.0.1206) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Customer Participation Program 14.0 (Version: 14.0) HP Imaging Device Functions 14.0 (Version: 14.0) HP Photosmart All-In-One Driver Software (Version: 14.0) HP Postscript Converter (Version: 3.1.3591) HP Registration Service (Version: 1.0.5976.4186) HP Solution Center 14.0 (Version: 14.0) HP Support Assistant (x32 Version: 7.0.39.15) HP Support Information (x32 Version: 12.00.0000) HP Update (x32 Version: 5.002.006.003) HPPhotoGadget (x32 Version: 140.0.524.000) HPProductAssistant (x32 Version: 140.0.298.000) HPSSupply (x32 Version: 140.0.297.000) iCloud (Version: 3.0.2.163) IDT Audio (x32 Version: 1.0.6418.0) Intel® Management Engine Components (x32 Version: 8.1.0.1252) Intel® Trusted Connect Service Client (Version: 1.24.388.1) Internet Explorer Toolbar 4.7 by SweetPacks (x32 Version: 4.7.0002) <==== ATTENTION iTunes (Version: 11.1.3. Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9. Junk Mail filter update (x32 Version: 16.4.3505.0912) Landwirtschafts Simulator 2011 (x32 Version: 1.0) Landwirtschafts Simulator 2013 (x32 Version: 1.0) Langenscheidt Vokabeltrainer 6.0 Englisch (x32 Version: 6.0.1) MailStore Home 8.0.2.8361 (x32 Version: 8.0.2.8361) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 140.0.299.000) McAfee Security Scan Plus (Version: 3.8.130.10) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office (x32 Version: 14.0.6120.5004) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 25.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) MyTomTom 3.2.0.1116 (x32 Version: 3.2.0.1116) Network64 (Version: 140.0.306.000) NVIDIA 3D Vision Treiber 327.02 (Version: 327.02) NVIDIA Grafiktreiber 327.02 (Version: 327.02) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4) NVIDIA Install Application (Version: 2.1002.133.889) NVIDIA PhysX (x32 Version: 9.12.0613) NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702) NVIDIA Systemsteuerung 327.02 (Version: 327.02) OCR Software by I.R.I.S. 14.0 (Version: 14.0) Online Armor 7.0 (x32 Version: 7.0) Password Safe (x32) Personal Backup 5.5 (Version: 5.3) phase-6 2.3.3 (x32 Version: 2.3.3) Photo Gallery (x32 Version: 16.4.3505.0912) Polar Daemon (x32 Version: 2.2.20000) Polar WebSync (x32 Version: 2.8.10006) Presto! PageManager 9.03 SE (x32 Version: 9.03.06) QuickTime (x32 Version: 7.74.80.86) Recovery Manager (x32 Version: 5.5.0.5530) RegUtility version 4.1 (x32 Version: 4.1) Scan (x32 Version: 140.0.253.000) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) Shop for HP Supplies (Version: 14.0) Sigma Data Center 3.1 (x32 Version: 3.1) Sigma Data Center 3.2 (x32 Version: 3.2) Software Informer 1.2 Software Updater (x32 Version: 4.1.7) SolutionCenter (x32 Version: 140.0.299.000) Status (x32 Version: 140.0.342.000) SweetIM for Messenger 3.7 (x32 Version: 3.7.0007) <==== ATTENTION Sweetpacks Bundle Uninstaller (x32 Version: 1.0.0.0) <==== ATTENTION System Power Shortcuts (x32 Version: 1.3.8209) Tippmaster v3.5.0 (x32 Version: 3.5.0) TomTom HOME (x32 Version: 2.9.7) TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2) Toolbar Cleaner (x32) Toolbox (x32 Version: 140.0.596.000) Trackplanner 1.1.12 (x32) TrayApp (x32 Version: 140.0.297.000) Tyre (x32 Version: 6.3.1.3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32) Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008) <==== ATTENTION Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0) Vokabeltrainer-Update 6.0.18 (x32 Version: 6.0.18) WebReg (x32 Version: 140.0.297.017) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) Windows-Treiberpaket - SIGMA Elektro GmbH (usbser) Ports (04/27/2012 5.1.2600.5512) (Version: 04/27/2012 5.1.2600.5512) WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0) WISO Mein Geld 2014 Professional (x32) WISO Steuer-Sparbuch 2013 (x32 Version: 20.00.8137) WISO Steuer-Sparbuch 2014 (x32 Version: 21.00.8480) Zip Opener Packages (HKCU) <==== ATTENTION ==================== Restore Points ========================= 12-12-2013 16:12:31 Installed SpyHunter 14-12-2013 09:45:32 Installed SpyHunter ==================== Hosts content: ========================== 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {02797F86-78B4-4B09-987D-C80E2A1EC280} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B5168E2-CCB8-4007-B47F-B39B8700A6F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {4559AA2A-3E4B-49F3-B8F6-6BCADD31DA0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) Task: {487F7CF2-5302-4468-86DE-D2BD852E6CB5} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {72B10459-4590-4B08-9AC1-0D5EA9820A72} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-11-13] (Microsoft Corporation) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {79D5B119-27D0-476B-9DA2-1D4FD0B11983} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {B1174188-13B8-48E9-B74E-1A850D5DE550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated) Task: {B6C86806-D2D5-4E97-AF6B-C7CFA4D8E278} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Thoosje Vista Sidebar\Thoosje Sidebar.exe Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F7A07D5A-174A-40AD-AD19-A2971920551D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-06 22:50 - 2012-08-06 22:50 - 00607744 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\JobCapsA.dll 2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2013-10-19 14:53 - 2013-10-19 14:53 - 00120224 _____ () C:\Users\ADMIN\AppData\Local\assembly\dl3\P614JHN7.VQO\W1HP4Z1K.AEP\71599d0e\0017145d_cd85cd01\HPItunesModule.DLL 2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll 2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-12-12 14:20 - 2012-12-12 14:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll 2012-11-01 22:57 - 2012-07-18 09:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2012-11-01 23:03 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 00110648 _____ () C:\Program Files (x86)\Polar\WebSync\PTransform.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 03722296 _____ () C:\Program Files (x86)\Polar\WebSync\libpolar.dll 2010-02-10 15:06 - 2010-02-10 15:06 - 00334848 _____ () C:\Program Files (x86)\Polar\WebSync\QtXml4.dll 2010-02-10 15:22 - 2010-02-10 15:22 - 07971840 _____ () C:\Program Files (x86)\Polar\WebSync\QtGui4.dll 2010-02-10 15:07 - 2010-02-10 15:07 - 00929280 _____ () C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll 2011-01-14 15:01 - 2011-01-14 15:01 - 02142720 _____ () C:\Program Files (x86)\Polar\WebSync\QtCore4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00025600 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00119808 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll 2013-02-02 19:26 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll 2013-02-02 19:26 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll 2013-02-02 19:26 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll 2013-02-02 19:26 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll 2013-02-02 19:26 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll 2013-02-02 19:26 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll 2013-02-02 19:26 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll 2013-02-02 19:26 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll 2013-02-02 19:26 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll 2013-02-02 19:26 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll 2013-02-02 19:26 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll 2013-02-02 19:26 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll 2013-02-02 19:26 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll 2013-02-02 19:26 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll 2013-02-02 19:26 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll 2013-02-02 19:26 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll 2013-02-02 19:26 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll 2013-02-02 19:26 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll 2013-02-02 19:26 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll 2013-02-02 19:26 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll 2013-02-02 19:26 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll 2013-02-02 19:26 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll 2013-02-02 19:26 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll 2013-02-02 19:26 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll 2013-02-02 19:26 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll 2013-02-02 19:26 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll 2013-02-02 19:26 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll 2013-02-02 19:26 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll 2013-02-02 19:26 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll 2013-02-02 19:26 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll 2013-02-02 19:26 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll 2013-02-02 19:26 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll 2013-02-02 19:26 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll 2013-02-02 19:26 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll 2013-02-02 19:26 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/14/2013 02:59:59 PM) (Source: ESENT) (User: ) Description: svchost (2000) Instance: Bei Überprüfung der aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" bei Offset 12943360 (0x0000000000c58000) (Datenbankseite svchost0) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09], die berechnete Prüfsumme [0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (12/14/2013 00:02:14 PM) (Source: MsiInstaller) (User: PC) Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 Error: (12/14/2013 11:55:51 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa Ausnahmecode: 0xc0000005 Fehleroffset: 0x000279a4 ID des fehlerhaften Prozesses: 0x1208 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5 Error: (12/13/2013 04:15:54 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: oasrv.exe, Version: 7.0.0.1866, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: oasrv.exe, Version: 7.0.0.1866, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004a5f ID des fehlerhaften Prozesses: 0x1ecc Startzeit der fehlerhaften Anwendung: 0xoasrv.exe0 Pfad der fehlerhaften Anwendung: oasrv.exe1 Pfad des fehlerhaften Moduls: oasrv.exe2 Berichtskennung: oasrv.exe3 Vollständiger Name des fehlerhaften Pakets: oasrv.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: oasrv.exe5 Error: (12/13/2013 09:54:35 AM) (Source: ESENT) (User: ) Description: svchost (656) Instance: Bei Überprüfung der aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" bei Offset 12943360 (0x0000000000c58000) (Datenbankseite svchost0) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09], die berechnete Prüfsumme [0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (12/13/2013 07:29:56 AM) (Source: ESENT) (User: ) Description: svchost (9404) Instance: Bei Überprüfung der aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" bei Offset 12943360 (0x0000000000c58000) (Datenbankseite svchost0) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09], die berechnete Prüfsumme [0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (12/12/2013 09:48:08 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f204 Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282f10e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00118f87 ID des fehlerhaften Prozesses: 0x14f4 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Vollständiger Name des fehlerhaften Pakets: firefox.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5 Error: (12/12/2013 03:09:41 PM) (Source: ESENT) (User: ) Description: svchost (2532) Instance: Bei Überprüfung der aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" bei Offset 12943360 (0x0000000000c58000) (Datenbankseite svchost0) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09], die berechnete Prüfsumme [0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (12/11/2013 07:47:12 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15218 Error: (12/11/2013 07:47:12 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15218 System errors: ============= Error: (12/14/2013 03:46:52 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (12/14/2013 11:42:22 AM) (Source: DCOM) (User: PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/14/2013 10:42:38 AM) (Source: Service Control Manager) (User: ) Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/14/2013 10:42:38 AM) (Source: Service Control Manager) (User: ) Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/14/2013 10:00:17 AM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (12/14/2013 09:56:56 AM) (Source: disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (12/14/2013 09:56:56 AM) (Source: disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error: (12/14/2013 09:56:56 AM) (Source: disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error: (12/13/2013 07:15:20 PM) (Source: disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error: (12/13/2013 07:15:20 PM) (Source: disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Microsoft Office Sessions: ========================= Error: (12/14/2013 02:59:59 PM) (Source: ESENT)(User: ) Description: svchost2000Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb12943360 (0x0000000000c58000)32768 (0x00008000)-1018 (0xfffffc06)[3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09][0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]394 (0x18A) Error: (12/14/2013 00:02:14 PM) (Source: MsiInstaller)(User: PC) Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 (NULL)(NULL)(NULL)(NULL)(NULL) Error: (12/14/2013 11:55:51 AM) (Source: Application Error)(User: ) Description: MsiExec.exe5.0.9600.1638452158c02ntdll.dll6.3.9600.16408523d45fac0000005000279a4120801cef8baf5e22221C:\Windows\syswow64\MsiExec.exeC:\WINDOWS\SYSTEM32\ntdll.dll4b5d47d6-64ae-11e3-bfd1-4c72b994d0f4 Error: (12/13/2013 04:15:54 PM) (Source: Application Error)(User: ) Description: oasrv.exe7.0.0.18662a425e19oasrv.exe7.0.0.18662a425e19c000000500004a5f1ecc01cef815a9f0c6beC:\Program Files (x86)\Online Armor\oasrv.exeC:\Program Files (x86)\Online Armor\oasrv.exe74f16b82-6409-11e3-bfd1-4c72b994d0f4 Error: (12/13/2013 09:54:35 AM) (Source: ESENT)(User: ) Description: svchost656Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb12943360 (0x0000000000c58000)32768 (0x00008000)-1018 (0xfffffc06)[3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09][0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]394 (0x18A) Error: (12/13/2013 07:29:56 AM) (Source: ESENT)(User: ) Description: svchost9404Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb12943360 (0x0000000000c58000)32768 (0x00008000)-1018 (0xfffffc06)[3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09][0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]394 (0x18A) Error: (12/12/2013 09:48:08 PM) (Source: Application Error)(User: ) Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f8714f401cef7690a839666C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllb481bcf9-636e-11e3-bfd0-4c72b994d0f4 Error: (12/12/2013 03:09:41 PM) (Source: ESENT)(User: ) Description: svchost2532Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb12943360 (0x0000000000c58000)32768 (0x00008000)-1018 (0xfffffc06)[3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09:3ce8da093ce8da09][0000018ab54317e6:0000000000000000:0000000000000000:0000000000000000]394 (0x18A) Error: (12/11/2013 07:47:12 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15218 Error: (12/11/2013 07:47:12 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15218 CodeIntegrity Errors: =================================== Date: 2013-12-13 16:11:21.549 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-13 16:11:21.518 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 17:10:25.312 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 17:10:25.296 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 16:20:46.473 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 16:20:46.454 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 15:56:21.018 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-12 15:56:20.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 33% Total physical RAM: 12227.55 MB Available physical RAM: 8100.66 MB Total Pagefile: 24515.55 MB Available Pagefile: 20155.32 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1849.95 GB) (Free:1610.85 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:11.25 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive j: (Elements) (Fixed) (Total:931.51 GB) (Free:488.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: D65FE7C9) Partition: GPT Partition Type ======================================================== Disk: 1 (MBR Code: Windows 7 or (Size: 15 GB) (Disk ID: ECA99B82) Partition 1: (Not Active) - (Size=15 GB) - (Type=73) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00039E2E) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  14. Sabine73

    Nation Zoom

    Hallo zusammen, Habe mir diese Nation Zoom eingefangen. Es lässt sich nicht entfernen. Wer kann mir weiterhelfen. Bin total "unbegabt" in solchen Dingen. Bitte so erklären, dass ich es auch verstehen kann ;-) Danke Sabine