
Log analysis and evaluation: drive opens by itself - virus / trojan?

15.07.2013, 11:58   #1
hoexi5000
 



Hello! For some time now I have noticed that the CD drive on my laptop opens by itself at fairly irregular intervals. However, I really haven't been able to spot any pattern yet, e.g. when a particular program is opened. Only: it happens mainly in the morning / early afternoon. Someone has already suspected that it is a virus or something similar, so I first ran a thorough virus scan - nothing found; I have also tried everything from Malwarebytes to Spybot, nothing found. I also clean the autostart entries and the browser regularly. Now I have created a HijackThis file, but that is where my computer knowledge (unfortunately) ends - can anyone help me or give me a tip as to whether the problem described above can (possibly) be found in it? Oh yes, I have Windows 8...



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:40, on 15.07.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jane\Downloads\HiJackThis204.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\sysWow64\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem32.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage-Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 15857 bytes

15.07.2013, 12:41   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan ("Untersuchen").
  • The log files will now be created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)



How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

15.07.2013, 12:50   #3
hoexi5000
 



Thanks for the quick reply!

Here are the files as requested:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Jane (administrator) on 15-07-2013 13:47:44
Running from C:\Users\Jane\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(ArcSoft, Inc.) C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
(Validity Sensors, Inc.) C:\windows\system32\vcsFPService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-29] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-04] (IDT, Inc.)
HKLM\...\Run: [BtTray] - "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [127616 2012-09-14] (Atheros Communications)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] - "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-08-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [285832 2013-06-04] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
Startup: C:\Users\Jane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Jane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\51owqh0t.default
FF Homepage: hxxp://zynga.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\51owqh0t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\51owqh0t.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Springpad) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0
CHR Extension: (AdBlock) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (avast! Online Security) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Coloring Pages) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhphoobahjckipglphjghghlgodanfj\1.1_0
CHR Extension: (Blogger) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc\1_0
CHR Extension: (Google Maps) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Cath Kidston) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm\3_0
CHR Extension: (Zynga.com) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohciekkiniipmnhpgbdihdpddggjifgp\1.1_0
CHR Extension: (ScriptSafe) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.16_0
CHR Extension: (Picasa) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0
CHR Extension: (Instagram for Chrome) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\4.6.3_0
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_1
CHR Extension: (Gmail) - C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-14] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
U3 idsvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 13:47 - 2013-07-15 13:47 - 00000000 ____D C:\FRST
2013-07-15 13:46 - 2013-07-15 13:46 - 01777839 _____ (Farbar) C:\Users\Jane\Downloads\FRST64.exe
2013-07-15 12:42 - 2013-07-15 12:42 - 00015859 _____ C:\Users\Jane\Downloads\hijackthis.log
2013-07-15 12:42 - 2013-07-15 12:42 - 00015859 _____ C:\Users\Jane\Desktop\hijackthis.log
2013-07-15 12:33 - 2013-07-15 12:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jane\Downloads\HiJackThis204.exe
2013-07-15 11:48 - 2013-07-15 12:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-15 11:48 - 2013-07-15 11:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-07-15 11:47 - 2013-07-15 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-15 11:47 - 2013-07-15 11:47 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-07-15 11:47 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2013-07-15 11:44 - 2013-07-15 11:44 - 36271144 _____ (Safer-Networking Ltd.                                       ) C:\Users\Jane\Downloads\spybot-2.1.exe
2013-07-15 10:11 - 2013-07-15 10:12 - 24542269 _____ C:\Users\Jane\Downloads\Unsere schönsten Urlaubsmomente.zip
2013-07-15 09:38 - 2013-07-15 09:38 - 00001130 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2013-07-15 09:31 - 2013-07-15 09:31 - 00000000 ____D C:\Program Files (x86)\dm
2013-07-15 09:27 - 2013-07-15 09:53 - 00129485 _____ C:\Users\Jane\Desktop\run.log
2013-07-15 09:11 - 2013-07-15 09:37 - 00000000 ____D C:\Program Files (x86)\CEWE COLOR
2013-07-15 09:10 - 2013-07-15 09:10 - 01600720 _____ C:\Users\Jane\Downloads\setup_Mein_CEWE_FOTOBUCH.exe
2013-07-12 09:36 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-07-12 08:59 - 2013-07-15 08:17 - 00020752 _____ C:\WINDOWS\setupact.log
2013-07-12 08:59 - 2013-07-12 08:59 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-07-12 08:58 - 2013-07-12 08:58 - 00003512 ____N C:\bootsqm.dat
2013-07-12 08:46 - 2013-07-15 09:40 - 00114636 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-12 08:33 - 2013-07-12 08:33 - 04396440 _____ (Piriform Ltd) C:\Users\Jane\Downloads\ccsetup403 (1).exe
2013-07-12 08:32 - 2013-07-12 08:33 - 04396440 _____ (Piriform Ltd) C:\Users\Jane\Downloads\ccsetup403.exe
2013-07-12 05:38 - 2013-07-12 05:38 - 00000000 __SHD C:\found.000
2013-07-11 20:35 - 2013-07-11 20:35 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\Users\Jane\AppData\Roaming\Malwarebytes
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-11 20:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-07-11 20:34 - 2013-07-12 05:34 - 00000646 _____ C:\Users\Jane\Downloads\Stinger_11072013_203453.html
2013-07-11 20:34 - 2013-07-11 20:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jane\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-11 20:32 - 2013-07-12 06:52 - 00000112 ___RH C:\Users\Jane\Downloads\Stinger.opt
2013-07-11 20:32 - 2013-07-12 06:52 - 00000000 ____D C:\Program Files (x86)\stinger
2013-07-11 20:32 - 2013-07-11 20:33 - 00000651 _____ C:\Users\Jane\Downloads\Stinger_11072013_203240.html
2013-07-11 20:32 - 2013-07-11 20:32 - 00490268 _____ C:\Users\Jane\Downloads\runtime.dat
2013-07-11 20:32 - 2013-07-11 20:32 - 00000000 ____D C:\Stinger_Quarantine
2013-07-11 20:31 - 2013-07-11 20:31 - 11366944 _____ (McAfee Inc) C:\Users\Jane\Downloads\stinger32.exe
2013-07-11 12:25 - 2013-07-15 12:23 - 00000000 ____D C:\Users\Jane\AppData\Local\C923915E-6E85-4AE3-B431-D79EA8172FC5.aplzod
2013-07-11 12:24 - 2013-07-11 12:25 - 00000000 ____D C:\Users\Jane\AppData\Local\Apple Computer
2013-07-11 12:24 - 2013-07-11 12:24 - 00000000 ____D C:\Users\Jane\Downloads\Fotostream-ipad
2013-07-11 12:23 - 2013-07-11 12:25 - 00000000 ____D C:\Users\Jane\AppData\Roaming\Apple Computer
2013-07-11 12:22 - 2013-07-11 12:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Users\Jane\AppData\Local\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files\Bonjour
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-11 12:20 - 2013-07-11 12:20 - 46604616 _____ (Apple Inc.) C:\Users\Jane\Downloads\iCloudSetup.exe
2013-07-11 12:20 - 2013-07-11 12:20 - 00000000 ____D C:\ProgramData\Apple
2013-07-11 12:11 - 2013-07-11 12:11 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-11 06:38 - 2013-07-11 06:38 - 00000000 ____D C:\Users\Jane\Downloads\autoruns
2013-07-11 06:37 - 2013-07-11 06:37 - 00000000 ____D C:\Users\Jane\Downloads\process-explorer
2013-07-11 06:35 - 2013-07-11 06:35 - 01176629 _____ C:\Users\Jane\Downloads\ProcessExplorer_15.31.zip
2013-07-11 06:35 - 2013-07-11 06:35 - 00550151 _____ C:\Users\Jane\Downloads\Autoruns11.62.zip
2013-07-11 06:33 - 2013-07-11 06:34 - 21703480 _____ (Mozilla) C:\Users\Jane\Downloads\Firefox Setup 22.0.exe
2013-07-10 13:19 - 2013-07-12 08:58 - 00419160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-10 10:05 - 2013-07-10 10:05 - 00903080 _____ (Oracle Corporation) C:\Users\Jane\Downloads\chromeinstall-7u25.exe
2013-07-10 10:04 - 2013-07-10 10:03 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-07-10 10:04 - 2013-07-10 10:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-07-10 10:04 - 2013-07-10 10:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-07-10 10:04 - 2013-07-10 10:03 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-07-10 10:03 - 2013-07-10 10:03 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-10 10:02 - 2013-07-10 10:03 - 31714216 _____ (Oracle Corporation) C:\Users\Jane\Downloads\jre-7u25-windows-i586.exe
2013-07-10 10:00 - 2013-07-10 10:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 10:00 - 2013-07-10 10:00 - 00586952 _____ C:\Users\Jane\Downloads\AntiBundestrojaner_Globell_V_1_3_3.zip
2013-07-10 10:00 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-07-10 09:59 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-07-10 09:59 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-07-10 09:59 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-07-10 09:59 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-07-10 09:59 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-07-10 09:59 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-07-10 09:59 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-07-10 09:59 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-07-10 09:59 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-07-10 09:59 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-07-10 09:59 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-07-10 09:59 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-07-10 09:59 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-07-10 09:59 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-07-10 09:59 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-07-10 09:59 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-07-10 09:59 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-07-10 09:59 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-07-10 09:59 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-07-10 09:59 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-07-10 09:59 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-07-10 09:59 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-07-10 09:59 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-07-10 09:59 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-07-10 09:59 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-07-10 09:59 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-07-10 09:59 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-07-10 09:59 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-07-10 09:59 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-07-10 09:59 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-07-10 09:59 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-07-10 09:59 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-07-10 09:59 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-07-10 09:59 - 2013-05-20 02:08 - 00386642 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-07-10 08:55 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-07-10 08:55 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-07-10 08:55 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-07-10 08:55 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-07-10 08:55 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-07-10 08:55 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-07-10 08:55 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-07-10 08:55 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-07-10 08:55 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-07-10 08:55 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-07-10 08:55 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-07-10 08:55 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-07-10 08:55 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-07-10 08:55 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-07-10 08:55 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-07-10 08:55 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-07-10 08:55 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-07-10 08:54 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2013-07-10 08:54 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2013-07-10 08:54 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-07-10 08:53 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2013-07-10 08:53 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2013-07-10 08:49 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2013-07-10 08:49 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2013-07-05 15:29 - 2013-07-05 15:30 - 00004608 _____ C:\Users\Jane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-04 14:42 - 2013-07-04 14:45 - 03361280 _____ C:\Users\Jane\Downloads\PStory.msi
2013-07-02 22:32 - 2013-07-02 22:32 - 00000000 ____D C:\Users\Jane\AppData\Local\Windows Live
2013-06-29 17:11 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Jane\Documents\WebCam Media
2013-06-27 21:29 - 2013-06-27 21:29 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-06-27 11:41 - 2013-06-27 21:29 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-06-27 11:41 - 2013-06-27 21:29 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-06-26 12:20 - 2013-06-26 12:20 - 00002177 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2013-06-26 12:04 - 2013-06-26 12:04 - 00000442 _____ C:\Users\Jane\Downloads\user-2632783.kml
2013-06-26 07:29 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2013-06-26 07:29 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-06-26 07:29 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-06-26 07:29 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-06-26 07:29 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-06-26 07:29 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2013-06-26 07:29 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2013-06-26 07:29 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2013-06-26 07:29 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2013-06-26 07:29 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-06-26 07:19 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-06-26 07:19 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-06-26 07:18 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2013-06-26 07:18 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-06-26 07:18 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2013-06-26 07:18 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2013-06-26 07:18 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-06-26 07:18 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-06-26 07:18 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2013-06-26 07:18 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-06-26 07:18 - 2013-05-04 08:57 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2013-06-26 07:18 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2013-06-26 07:18 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2013-06-26 07:18 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2013-06-26 07:18 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-06-26 07:18 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2013-06-26 07:17 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-06-26 07:17 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-06-26 07:17 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2013-06-26 07:17 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2013-06-26 07:17 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2013-06-26 07:17 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2013-06-26 07:17 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2013-06-26 07:17 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2013-06-26 07:16 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-06-26 07:16 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-06-25 22:05 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2013-06-25 21:58 - 2013-06-25 21:59 - 22937227 _____ C:\Users\Jane\Downloads\vlc-2.0.7-win32.exe
2013-06-25 21:55 - 2013-06-25 21:55 - 00000902 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog

==================== One Month Modified Files and Folders =======

2013-07-15 13:48 - 2013-02-19 10:14 - 00238080 ___SH C:\Users\Jane\Downloads\Thumbs.db
2013-07-15 13:47 - 2013-07-15 13:47 - 00000000 ____D C:\FRST
2013-07-15 13:46 - 2013-07-15 13:46 - 01777839 _____ (Farbar) C:\Users\Jane\Downloads\FRST64.exe
2013-07-15 13:42 - 2012-10-18 14:05 - 00000000 ____D C:\Users\Jane\Documents\Outlook-Dateien
2013-07-15 13:40 - 2012-10-17 18:10 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 13:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-07-15 12:42 - 2013-07-15 12:42 - 00015859 _____ C:\Users\Jane\Downloads\hijackthis.log
2013-07-15 12:42 - 2013-07-15 12:42 - 00015859 _____ C:\Users\Jane\Desktop\hijackthis.log
2013-07-15 12:33 - 2013-07-15 12:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jane\Downloads\HiJackThis204.exe
2013-07-15 12:23 - 2013-07-11 12:25 - 00000000 ____D C:\Users\Jane\AppData\Local\C923915E-6E85-4AE3-B431-D79EA8172FC5.aplzod
2013-07-15 12:15 - 2013-07-15 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-15 11:49 - 2013-07-15 11:47 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-15 11:48 - 2013-07-15 11:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-07-15 11:47 - 2013-07-15 11:47 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-07-15 11:44 - 2013-07-15 11:44 - 36271144 _____ (Safer-Networking Ltd.                                       ) C:\Users\Jane\Downloads\spybot-2.1.exe
2013-07-15 11:41 - 2012-10-18 09:15 - 00000000 ____D C:\ProgramData\tmp
2013-07-15 11:09 - 2012-10-30 21:33 - 00000000 ____D C:\ProgramData\hps
2013-07-15 10:12 - 2013-07-15 10:11 - 24542269 _____ C:\Users\Jane\Downloads\Unsere schönsten Urlaubsmomente.zip
2013-07-15 09:53 - 2013-07-15 09:27 - 00129485 _____ C:\Users\Jane\Desktop\run.log
2013-07-15 09:40 - 2013-07-12 08:46 - 00114636 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-15 09:38 - 2013-07-15 09:38 - 00001130 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2013-07-15 09:37 - 2013-07-15 09:11 - 00000000 ____D C:\Program Files (x86)\CEWE COLOR
2013-07-15 09:31 - 2013-07-15 09:31 - 00000000 ____D C:\Program Files (x86)\dm
2013-07-15 09:10 - 2013-07-15 09:10 - 01600720 _____ C:\Users\Jane\Downloads\setup_Mein_CEWE_FOTOBUCH.exe
2013-07-15 08:43 - 2012-10-17 18:12 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-15 08:40 - 2012-10-17 18:10 - 00001102 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 08:36 - 2012-10-17 18:10 - 00004078 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-15 08:35 - 2012-10-17 18:10 - 00003842 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-15 08:24 - 2012-07-26 12:27 - 00870166 _____ C:\WINDOWS\system32\perfh007.dat
2013-07-15 08:24 - 2012-07-26 12:27 - 00199126 _____ C:\WINDOWS\system32\perfc007.dat
2013-07-15 08:24 - 2012-07-26 09:28 - 02044504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-15 08:22 - 2012-10-18 09:03 - 00000000 ____D C:\Users\Jane\AppData\Roaming\ICQ
2013-07-15 08:19 - 2012-11-13 14:09 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-07-15 08:18 - 2011-12-23 02:04 - 00000000 ____D C:\ProgramData\PDFC
2013-07-15 08:17 - 2013-07-12 08:59 - 00020752 _____ C:\WINDOWS\setupact.log
2013-07-15 08:17 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-15 08:17 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-07-15 07:51 - 2012-10-17 18:08 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2043BDAB-FF34-411D-8621-D5A0914A988A}
2013-07-15 07:50 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-07-12 10:38 - 2012-12-10 12:09 - 00000000 ____D C:\Users\Jane\AppData\Local\CrashDumps
2013-07-12 09:36 - 2012-10-17 18:11 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-07-12 08:59 - 2013-07-12 08:59 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-07-12 08:58 - 2013-07-12 08:58 - 00003512 ____N C:\bootsqm.dat
2013-07-12 08:58 - 2013-07-10 13:19 - 00419160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-12 08:35 - 2013-01-10 15:13 - 00000000 ____D C:\WINDOWS\Panther
2013-07-12 08:35 - 2012-11-01 10:53 - 00000000 ____D C:\Users\Jane\AppData\Roaming\BitTorrent
2013-07-12 08:35 - 2012-11-01 10:52 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-07-12 08:33 - 2013-07-12 08:33 - 04396440 _____ (Piriform Ltd) C:\Users\Jane\Downloads\ccsetup403 (1).exe
2013-07-12 08:33 - 2013-07-12 08:32 - 04396440 _____ (Piriform Ltd) C:\Users\Jane\Downloads\ccsetup403.exe
2013-07-12 08:33 - 2012-10-30 10:20 - 00000000 ____D C:\Program Files\CCleaner
2013-07-12 06:52 - 2013-07-11 20:32 - 00000112 ___RH C:\Users\Jane\Downloads\Stinger.opt
2013-07-12 06:52 - 2013-07-11 20:32 - 00000000 ____D C:\Program Files (x86)\stinger
2013-07-12 05:38 - 2013-07-12 05:38 - 00000000 __SHD C:\found.000
2013-07-12 05:34 - 2013-07-11 20:34 - 00000646 _____ C:\Users\Jane\Downloads\Stinger_11072013_203453.html
2013-07-11 20:35 - 2013-07-11 20:35 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\Users\Jane\AppData\Roaming\Malwarebytes
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 20:35 - 2013-07-11 20:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-11 20:34 - 2013-07-11 20:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jane\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-11 20:33 - 2013-07-11 20:32 - 00000651 _____ C:\Users\Jane\Downloads\Stinger_11072013_203240.html
2013-07-11 20:32 - 2013-07-11 20:32 - 00490268 _____ C:\Users\Jane\Downloads\runtime.dat
2013-07-11 20:32 - 2013-07-11 20:32 - 00000000 ____D C:\Stinger_Quarantine
2013-07-11 20:31 - 2013-07-11 20:31 - 11366944 _____ (McAfee Inc) C:\Users\Jane\Downloads\stinger32.exe
2013-07-11 12:25 - 2013-07-11 12:24 - 00000000 ____D C:\Users\Jane\AppData\Local\Apple Computer
2013-07-11 12:25 - 2013-07-11 12:23 - 00000000 ____D C:\Users\Jane\AppData\Roaming\Apple Computer
2013-07-11 12:24 - 2013-07-11 12:24 - 00000000 ____D C:\Users\Jane\Downloads\Fotostream-ipad
2013-07-11 12:24 - 2013-01-10 16:18 - 00000000 ____D C:\Users\Jane
2013-07-11 12:22 - 2013-07-11 12:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Users\Jane\AppData\Local\Apple
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files\Bonjour
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-07-11 12:21 - 2013-07-11 12:21 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-11 12:20 - 2013-07-11 12:20 - 46604616 _____ (Apple Inc.) C:\Users\Jane\Downloads\iCloudSetup.exe
2013-07-11 12:20 - 2013-07-11 12:20 - 00000000 ____D C:\ProgramData\Apple
2013-07-11 12:11 - 2013-07-11 12:11 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-11 08:29 - 2012-10-21 20:23 - 00000000 ____D C:\Users\Jane\AppData\Local\Adobe
2013-07-11 08:20 - 2012-10-30 10:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-11 06:42 - 2012-11-02 20:36 - 00000000 ____D C:\Users\Jane\Downloads\_zum einordnen
2013-07-11 06:38 - 2013-07-11 06:38 - 00000000 ____D C:\Users\Jane\Downloads\autoruns
2013-07-11 06:37 - 2013-07-11 06:37 - 00000000 ____D C:\Users\Jane\Downloads\process-explorer
2013-07-11 06:35 - 2013-07-11 06:35 - 01176629 _____ C:\Users\Jane\Downloads\ProcessExplorer_15.31.zip
2013-07-11 06:35 - 2013-07-11 06:35 - 00550151 _____ C:\Users\Jane\Downloads\Autoruns11.62.zip
2013-07-11 06:34 - 2013-07-11 06:33 - 21703480 _____ (Mozilla) C:\Users\Jane\Downloads\Firefox Setup 22.0.exe
2013-07-11 06:34 - 2012-10-30 10:28 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-11 06:34 - 2012-10-30 10:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-10 13:34 - 2013-01-10 16:51 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2024713215-2386822400-2235799040-1001
2013-07-10 10:05 - 2013-07-10 10:05 - 00903080 _____ (Oracle Corporation) C:\Users\Jane\Downloads\chromeinstall-7u25.exe
2013-07-10 10:03 - 2013-07-10 10:04 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-07-10 10:03 - 2013-07-10 10:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-07-10 10:03 - 2013-07-10 10:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-07-10 10:03 - 2013-07-10 10:04 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-07-10 10:03 - 2013-07-10 10:03 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-10 10:03 - 2013-07-10 10:02 - 31714216 _____ (Oracle Corporation) C:\Users\Jane\Downloads\jre-7u25-windows-i586.exe
2013-07-10 10:03 - 2012-11-14 11:26 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2013-07-10 10:03 - 2012-11-14 11:26 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2013-07-10 10:02 - 2013-07-10 10:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 10:02 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-07-10 10:00 - 2013-07-10 10:00 - 00586952 _____ C:\Users\Jane\Downloads\AntiBundestrojaner_Globell_V_1_3_3.zip
2013-07-10 09:46 - 2013-03-13 09:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 09:46 - 2013-03-13 09:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 09:45 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 09:41 - 2013-01-18 19:38 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-10 09:41 - 2012-10-18 11:30 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2013-07-10 09:34 - 2012-05-16 12:31 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-07-10 09:33 - 2011-07-26 19:05 - 00000000 ____D C:\swsetup
2013-07-10 09:32 - 2012-10-18 13:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 09:13 - 2013-01-10 16:43 - 00000000 ____D C:\ProgramData\PRICache
2013-07-05 15:30 - 2013-07-05 15:29 - 00004608 _____ C:\Users\Jane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-04 14:45 - 2013-07-04 14:42 - 03361280 _____ C:\Users\Jane\Downloads\PStory.msi
2013-07-04 08:51 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-07-02 22:32 - 2013-07-02 22:32 - 00000000 ____D C:\Users\Jane\AppData\Local\Windows Live
2013-06-29 17:19 - 2012-10-18 09:02 - 00000000 ____D C:\Users\Jane\AppData\Roaming\Skype
2013-06-29 17:11 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Jane\Documents\WebCam Media
2013-06-29 17:06 - 2012-10-18 09:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-29 17:06 - 2012-05-16 12:48 - 00000000 ____D C:\ProgramData\Skype
2013-06-28 18:16 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-06-28 18:16 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-06-28 18:16 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-28 18:16 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-28 18:16 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-06-28 18:16 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-06-28 18:15 - 2012-10-17 17:46 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP$.job
2013-06-28 10:03 - 2013-01-10 16:43 - 00000000 ____D C:\Users\Jane\AppData\Local\Packages
2013-06-28 00:04 - 2012-07-26 10:14 - 00693112 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2012-07-26 10:14 - 00078200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 21:29 - 2013-06-27 21:29 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-06-27 21:29 - 2013-06-27 11:41 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-06-27 21:29 - 2013-06-27 11:41 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-06-27 21:29 - 2013-03-16 13:07 - 00189936 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-06-27 21:29 - 2012-10-18 09:45 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-06-27 21:29 - 2012-10-18 09:45 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-06-26 13:52 - 2012-12-04 14:49 - 00000000 ____D C:\Users\Jane\Documents\Sony PMB
2013-06-26 12:23 - 2012-12-04 14:48 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-06-26 12:20 - 2013-06-26 12:20 - 00002177 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2013-06-26 12:04 - 2013-06-26 12:04 - 00000442 _____ C:\Users\Jane\Downloads\user-2632783.kml
2013-06-26 11:51 - 2012-10-17 17:46 - 00003180 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP$
2013-06-25 22:14 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
2013-06-25 21:59 - 2013-06-25 21:58 - 22937227 _____ C:\Users\Jane\Downloads\vlc-2.0.7-win32.exe
2013-06-25 21:55 - 2013-06-25 21:55 - 00000902 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2013-06-25 21:54 - 2012-11-02 18:13 - 00000334 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJane.job
2013-06-25 21:30 - 2012-11-02 18:13 - 00003146 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJane
2013-06-24 00:57 - 2012-10-18 07:43 - 78277128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-06-17 00:41 - 2013-07-10 09:59 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-07-10 09:59] - [2013-06-01 13:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D

C:\Windows\SysWOW64\explorer.exe
[2013-07-10 09:59] - [2013-06-01 12:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-07-10 09:59] - [2013-06-01 13:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D



LastRegBack: 2013-07-15 12:05

==================== End Of Log ============================
         
--- --- ---



[/CODE]

and

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by Jane at 2013-07-15 13:48:22
Running from C:\Users\Jane\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x32)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Media Foundation Decoders (Version: 1.0.61013.1636)
Apple Application Support (x32 Version: 2.3.3)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft TotalMedia (x32 Version: 1.0.48.25)
ArcSoft TotalMedia (x32 Version: 2.0.39.12)
ArcSoft Webcam Sharing Manager (x32 Version: 2.0.0.30)
Audiograbber 1.83 SE  (x32 Version: 1.83 SE)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Blasterball 3 (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (x32 Version: 2.2.0.95)
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95)
Cake Mania (x32 Version: 2.2.0.95)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0815.2143.37180)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0815.2143.37180)
Catalyst Control Center InstallProxy (x32 Version: 2012.0815.2143.37180)
Catalyst Control Center Localization All (x32 Version: 2012.0815.2143.37180)
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0815.2143.37180)
CCC Help Chinese Standard (x32 Version: 2012.0815.2142.37180)
CCC Help Chinese Traditional (x32 Version: 2012.0815.2142.37180)
CCC Help Czech (x32 Version: 2012.0815.2142.37180)
CCC Help Danish (x32 Version: 2012.0815.2142.37180)
CCC Help Dutch (x32 Version: 2012.0815.2142.37180)
CCC Help English (x32 Version: 2012.0815.2142.37180)
CCC Help Finnish (x32 Version: 2012.0815.2142.37180)
CCC Help French (x32 Version: 2012.0815.2142.37180)
CCC Help German (x32 Version: 2012.0815.2142.37180)
CCC Help Greek (x32 Version: 2012.0815.2142.37180)
CCC Help Hungarian (x32 Version: 2012.0815.2142.37180)
CCC Help Italian (x32 Version: 2012.0815.2142.37180)
CCC Help Japanese (x32 Version: 2012.0815.2142.37180)
CCC Help Korean (x32 Version: 2012.0815.2142.37180)
CCC Help Norwegian (x32 Version: 2012.0815.2142.37180)
CCC Help Polish (x32 Version: 2012.0815.2142.37180)
CCC Help Portuguese (x32 Version: 2012.0815.2142.37180)
CCC Help Russian (x32 Version: 2012.0815.2142.37180)
CCC Help Spanish (x32 Version: 2012.0815.2142.37180)
CCC Help Swedish (x32 Version: 2012.0815.2142.37180)
CCC Help Thai (x32 Version: 2012.0815.2142.37180)
CCC Help Turkish (x32 Version: 2012.0815.2142.37180)
ccc-utility64 (Version: 2012.0815.2143.37180)
CDBurnerXP (x32 Version: 4.5.0.3717)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
dm-Fotowelt (x32 Version: 5.0.4)
eaner (Version: 4.03)
ElsterFormular (x32 Version: 14.1.20130301)
Energy Star Digital Logo (x32 Version: 1.0.1)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Fotostory 3 für Windows (x32 Version: 3.0.1115.15)
framily Gestaltungs-Software 4.80 (x32)
Free Audio Converter version 5.0.20.1031 (x32 Version: 5.0.20.1031)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
GIMP 2.8.2 (Version: 2.8.2)
GO Contact Sync Mod (x32 Version: 3.5.19)
Google Chrome (x32 Version: 28.0.1500.72)
Google Drive (x32 Version: 1.10.4769.632)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.153)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.14.1)
HP Auto (Version: 1.0.12494.3472)
HP Connection Manager (x32 Version: 4.1.10.1)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP DayStarter (Version: 2.0.0.12)
HP Documentation (x32 Version: 1.3.0.0)
HP ESU for Microsoft Windows 7 (x32 Version: 2.0.6.1)
HP Game Console (x32)
HP Games (x32 Version: 1.0.1.5)
HP Hotkey Support (x32 Version: 4.6.4.1)
HP Power Assistant (Version: 2.0.2.0)
HP QuickWeb (x32 Version: 3.1.2.10229)
HP Setup (x32 Version: 8.5.4526.3645)
HP SoftPaq Download Manager (x32 Version: 3.4.10.0)
HP Software Framework (x32 Version: 4.6.10.1)
HP Software Setup (x32 Version: 8.2.1.1)
HP Support Assistant (x32 Version: 7.0.39.15)
HP System Default Settings (x32 Version: 2.2.3)
HP Wallpaper (x32 Version: 2.00)
HP Webcam Driver (x32 Version: 5.8.50058.0)
iCloud (Version: 2.1.2.8)
ICQ7M (x32 Version: 7.8)
IDT Audio (x32 Version: 1.0.6428.0)
Insaniquarium Deluxe (x32 Version: 2.2.0.95)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3097)
Intel(R) Identity Protection Technology 1.0.71.0 (x32 Version: 1.0.71.0)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.5.1006)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest II (x32 Version: 2.2.0.95)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
JMicron Flash Media Controller Driver (x32 Version: 1.0.72.4)
John Deere Drive Green (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MyFreeCodec (HKCU)
PDF Complete Special Edition (x32 Version: 4.0.33)
PDFCreator (x32 Version: 1.5.1)
Penguins! (x32 Version: 2.2.0.95)
Perfect Effects 3 Free (x32 Version: 3.0.2)
Picasa 3 (x32 Version: 3.9)
Plants vs. Zombies (x32 Version: 2.2.0.95)
PlayMemories Home (x32 Version: 7.0.03.04240)
Polar Bowler (x32 Version: 2.2.0.95)
PX Profile Update (x32 Version: 1.00.1.)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209)
Qualcomm Atheros Driver Installation Program (x32 Version: 10.0)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 8.2.612.2012)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
Rossmann Fotowelt Software 4.12.1 (x32 Version: 4.12.1)
Samsung Kies (x32 Version: 2.5.2.13021_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.22.0)
SDK (x32 Version: 2.24.025)
Skype™ 6.5 (x32 Version: 6.5.158)
Slingo Deluxe (x32 Version: 2.2.0.95)
Snapfish Fotobuch (x32 Version: 4.8.7)
Spybot - Search & Destroy (x32 Version: 2.1.19)
Synaptics Pointing Device Driver (Version: 16.3.9.0)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Validity Fingerprint Sensor Driver (Version: 4.3.117.0)
VIP Access SDK x64(1.0.0.50)  (x32 Version: 1.0.0.50)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Wedding Dash (x32 Version: 2.2.0.95)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
WinZip 14.5 (x32 Version: 14.5.9095)
Xobni (x32 Version: 1.9.5.13282)
Xobni Core (x32 Version: 1.0.0)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

29-06-2013 07:10:17 Geplanter Prüfpunkt
04-07-2013 12:54:46 Fotostory 3 für Windows wird installiert
10-07-2013 07:19:55 Windows Update
11-07-2013 10:21:14 Installed iCloud

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03B93899-E8A7-4861-A529-F40B305FBE35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {0AC5153D-E517-45F9-ADA1-4B026CDAA581} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17452107-0796-4505-8EF1-13E963433758} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2901BFA9-BC0F-474E-9ADB-9E8AA5FE690A} - System32\Tasks\HPCeeScheduleForHP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {2A3DCAD1-9F7F-4BC9-8DCC-3D547E0585BD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {2B9C5B04-F225-4628-9F3B-2635192D4744} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {2E39B1B6-C989-496F-87A2-F34595FEED7D} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-09-26] (Hewlett-Packard)
Task: {2FC7058C-7532-4384-9057-7508AB6C6C35} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe No File
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {3385A033-8729-4F59-8A9D-07B05D71310F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {35C0B635-02A6-455F-8898-1407DBCAB7A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {38C6602F-45FD-41F8-9FB6-2D8A4716DA2E} - System32\Tasks\User_Feed_Synchronization-{2043BDAB-FF34-411D-8621-D5A0914A988A} => C:\windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {451B61E4-0E4A-49BD-B02C-A3C7EB831963} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe No File
Task: {45A6AADF-82DF-406C-9E21-EC7EEAFB8B2E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {467724F8-E40A-475A-903C-CBD1C3F87936} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {4732C2DA-3F29-48EA-8D18-D01074B21C62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe No File
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B4FB836-492D-4E79-A1BD-D1F0D4BC2FBC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5A181781-558D-4F03-9981-37C3C437156B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {5BFFB0CE-551E-44D9-AF67-D7378AF59CB5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {6115D7A7-88DD-4817-8CCA-C2599A3C8579} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {643CB8FC-F293-4B08-B207-0D49152A8D83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {689800E1-F2F9-4BB7-AAD2-BC6C21F97DD4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6F4D9FAF-2140-4C06-BFAA-B1C2BFCFE9B5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {726D2735-90CA-43C0-A75C-10E42666B530} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe No File
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {753A7A96-0E9F-4C41-8587-9F26F3D0F448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-07-09] (Microsoft)
Task: {77090E36-8E23-4FE4-8166-3DC3887E04C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C77BE9C-A529-466E-8333-01997FBD7F4B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {8190E1FF-5D4C-45D9-824F-3D7D5DD94423} - System32\Tasks\HPCeeScheduleForJane => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {833EF692-C650-4D0E-9EAB-3DE17FC3ADDE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {85CAD1EB-BB86-4FE5-B23A-E5FA4DF7EC3C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {871203E2-62BE-4B2E-A6CB-17037D0CC887} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe No File
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {89E5C968-8B21-4BEF-9FBB-0AE64D2EEC4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8A6945F-362D-4EE3-BD94-1E7E692338A3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe No File
Task: {AA02805B-E75F-43A2-9D76-B2780F6B65EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File
Task: {AA29809E-F62B-4149-98E4-4BDFD86F07C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B28F403F-0B43-4AF9-846F-B869CBA0AD14} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {B46E3AE3-ACBA-4566-BDA8-7A361025C23F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe No File
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C9C36498-F5F4-4CB4-AEA9-2B905CD3D221} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe No File
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D5D50B98-8D1C-422F-93D3-B444AEF6D86A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe No File
Task: {D854A203-9A7C-4B15-8F03-4DABF4CD4103} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E642EC1C-8C69-418C-AD9E-59FE3C3743EA} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2024713215-2386822400-2235799040-1001
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EB8E1CEB-8660-4B94-838E-24DD6A14B79C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe No File
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {EE6079E1-0FEC-4126-A175-1C73A2E5AD7E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe No File
Task: {EF3EE166-F055-4F58-9475-0837AEFF70BF} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {EFC131D0-7740-4372-9F25-F703C2ED0BDF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {FA471950-40B5-4D03-97C5-FF299082634B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {FA767438-C734-47BB-929A-58272392A63A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe No File
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJane.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2013 11:50:37 AM) (Source: Application Hang) (User: )
Description: Programm SDLogReport.exe, Version 2.1.18.107 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bec

Startzeit: 01ce8140a4d3f11f

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe

Berichts-ID: ed53a8bb-ed33-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 11:46:29 AM) (Source: Application Hang) (User: )
Description: Programm dm-Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 93c

Startzeit: 01ce813f4b68f4e5

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe

Berichts-ID: 695bf736-ed33-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 11:24:07 AM) (Source: Application Hang) (User: )
Description: Programm dm-Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c74

Startzeit: 01ce813aff2e3296

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe

Berichts-ID: 462abdf9-ed30-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 11:07:45 AM) (Source: Application Hang) (User: )
Description: Programm dm-Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17d0

Startzeit: 01ce81306b23844d

Endzeit: 17

Anwendungspfad: C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe

Berichts-ID: f6ceba05-ed2d-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 09:53:33 AM) (Source: Application Hang) (User: )
Description: Programm dm-Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4f0

Startzeit: 01ce812e44ff892f

Endzeit: 3

Anwendungspfad: C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe

Berichts-ID: a06af632-ed23-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 08:54:40 AM) (Source: Application Hang) (User: )
Description: Programm dm-Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ac

Startzeit: 01ce8125510eef37

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe

Berichts-ID: 6694fd5a-ed1b-11e2-be8d-e4115b5bd905

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/15/2013 07:51:54 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (07/15/2013 07:47:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: HP)
Description: Bei der Aktivierung der App „Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/15/2013 07:47:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 248894453

Error: (07/15/2013 07:47:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 248894453


System errors:
=============
Error: (07/15/2013 08:20:54 AM) (Source: Service Control Manager) (User: )
Description: Dienst "HP Power Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2013 08:17:23 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/15/2013 08:11:11 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/15/2013 07:48:01 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/12/2013 10:38:52 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/12/2013 09:27:12 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/12/2013 09:01:56 AM) (Source: Service Control Manager) (User: )
Description: Dienst "HP Power Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2013 08:58:19 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/12/2013 08:10:06 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/12/2013 07:54:38 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


Microsoft Office Sessions:
=========================
Error: (07/15/2013 11:50:37 AM) (Source: Application Hang)(User: )
Description: SDLogReport.exe2.1.18.1071bec01ce8140a4d3f11f5C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exeed53a8bb-ed33-11e2-be8d-e4115b5bd905

Error: (07/15/2013 11:46:29 AM) (Source: Application Hang)(User: )
Description: dm-Fotowelt.exe0.0.0.093c01ce813f4b68f4e54C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe695bf736-ed33-11e2-be8d-e4115b5bd905

Error: (07/15/2013 11:24:07 AM) (Source: Application Hang)(User: )
Description: dm-Fotowelt.exe0.0.0.0c7401ce813aff2e32968C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe462abdf9-ed30-11e2-be8d-e4115b5bd905

Error: (07/15/2013 11:07:45 AM) (Source: Application Hang)(User: )
Description: dm-Fotowelt.exe0.0.0.017d001ce81306b23844d17C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exef6ceba05-ed2d-11e2-be8d-e4115b5bd905

Error: (07/15/2013 09:53:33 AM) (Source: Application Hang)(User: )
Description: dm-Fotowelt.exe0.0.0.04f001ce812e44ff892f3C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exea06af632-ed23-11e2-be8d-e4115b5bd905

Error: (07/15/2013 08:54:40 AM) (Source: Application Hang)(User: )
Description: dm-Fotowelt.exe0.0.0.0ac01ce8125510eef377C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe6694fd5a-ed1b-11e2-be8d-e4115b5bd905

Error: (07/15/2013 07:51:54 AM) (Source: ATIeRecord)(User: )
Description: 

Error: (07/15/2013 07:47:49 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: HP)
Description: Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim-2147009284

Error: (07/15/2013 07:47:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 248894453

Error: (07/15/2013 07:47:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 248894453


CodeIntegrity Errors:
===================================
  Date: 2013-07-15 13:47:26.941
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:47:24.657
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:46:59.501
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:46:42.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:42:42.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:27:56.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 13:23:13.292
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 12:57:13.508
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 12:54:58.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-15 12:51:11.147
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 8126.35 MB
Available physical RAM: 4155.83 MB
Total Pagefile: 16318.35 MB
Available Pagefile: 12245.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:571.86 GB) (Free:209.86 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:19.02 GB) (Free:2.86 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32 (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 12DEB3A0)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=572 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End Of Log ============================
         
__________________

Last edited by hoexi5000 (15.07.2013 at 12:56)

Old 15.07.2013, 12:59   #4
schrauber
/// the machine
/// TB trainer



Everything looks fine
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Old 15.07.2013, 13:07   #5
hoexi5000



And what else could be causing this with the drive? The laptop really isn't that old yet, not even a year...


Old 15.07.2013, 13:24   #6
schrauber
/// the machine
/// TB trainer



No idea offhand, there are a thousand possibilities. Try uninstalling all software that has to do with burning, images and the like.

Old 15.07.2013, 14:23   #7
hoexi5000



A tip - thanks! I tried it with all the programs known to me that have anything to do with burning etc. - unfortunately without success.

I would be grateful for any further ideas...

Old 15.07.2013, 18:53   #8
schrauber
/// the machine
/// TB trainer



Get Process Monitor from Microsoft off the internet, open it and always leave it running. Then you can see which process is under load or is new at the moment the thing opens.

Worth a try....
