Hallo!
Ich sollte nochmal erwähnen, dass ich ein Computer-Vollidiot bin und nicht einmal mit Begriffen wie ,,Thread´´ etwas anfangen kann.... ,
.....geschweige denn, wie man´s posted....
FRST Logfile:
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Gabi (administrator) on GABI-PC on 29-08-2014 12:01:14
Running from C:\Users\Gabi\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxctcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoStrCmpLogical] 1
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe [247968 2012-02-26] (Adobe Systems, Inc.)
HKU\S-1-5-21-3220686304-206382180-1288161846-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162408 2011-09-13] ()
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\Policies\Explorer: [NoDrives] 0xD3FFFF03
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: {052d0b0b-b155-11e1-96ed-dc0ea19a135d} - E:\AutoRun.exe
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: {052d0b1a-b155-11e1-96ed-dc0ea19a135d} - E:\AutoRun.exe
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: {0a6675e4-b1a6-11e1-b9bd-9cb70da1746b} - E:\AutoRun.exe
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: {87cd047d-6017-11e1-96d5-806e6f6e6963} - D:\EPSETUP.EXE
HKU\S-1-5-21-3220686304-206382180-1288161846-1001\...\MountPoints2: {ef7ce6f2-ba6c-11e1-9132-9cb70da1746b} - G:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
BootExecute: autocheck autochk /r \??\F:autocheck autochk /r \??\F:autocheck autochk *
GroupPolicyUsers\S-1-5-21-3220686304-206382180-1288161846-1000\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:49199;https=127.0.0.1:49199
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=706&systemid=406&apn_uid=0018759653534119&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá�*X(Ž2s��(ÛÎÀJºÔÓµ± �vË°!×—(ä¼48и�patm6êo�^Mp`�Ëõ÷_i£w˜¾!„Áû�†x¢8€ÙjÀÿþ*´Ñ;áa´�[¦†8*º~RÙxœòÜ8'£-)�x*ä* URL =
BHO-x32: Smart Suggestor -> {DB536AF2-E422-402d-B7FD-887297F1A198} -> C:\Program Files (x86)\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\user.js
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\searchplugins\optitoolbar.xml
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\searchplugins\yahoo_ff.xml
FF Extension: Ghostery - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\Extensions\firefox@ghostery.com [2013-03-08]
FF Extension: Whilokii - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\Extensions\firefox@whilokii.net [2013-10-18]
FF Extension: FreeHDSport TV 3 - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\Extensions\fhdp3@freehdsp.tv.xpi [2013-06-30]
FF Extension: PrivDog - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2013-10-19]
FF Extension: Smart Suggestor - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\mfdp2njx.default\Extensions\{3628D7BD-FD0D-47b8-8C8B-865CEB7DD779}.xpi [2013-02-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR DefaultSearchProvider: Default -> Search By ZoneAlarm
CHR DefaultSearchURL: Default -> hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&q={searchTerms}&gu=3b87a481610547869bede2eff9b66e37&tu=11Jiy00FS1D13P0&sku=&tstsId=&ver=&
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Profile: C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx []
CHR HKLM-x32\...\Chrome\Extension: [demmlacpnijjgliknaehpamnnbncnodb] - C:\Program Files (x86)\Smart Suggestor\SmartSuggestor.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [jbhadopkkbkjmnjmifbbofhnbmhacoae] - C:\Program Files (x86)\DDownTango6bToolbar\chrome\DDownTango6bToolbar.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-11-21]
CHR StartMenuInternet: Google Chrome - C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 lxct_device; C:\Windows\system32\lxctcoms.exe [566192 2007-03-19] ( )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-10] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-08-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-11-12] (TuneUp Software)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S0 qmhgf; System32\drivers\ugevuev.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys C8679A07267F030704168E45E27C3D43
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57xdbd.sys A424CB46A145E5AABF15621550976DF2
C:\Windows\System32\DRIVERS\b57xdmp.sys BE4E6FD5A898812B85D5817AD9754A9F
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bScsiMSa.sys 0970D8B7151E9113BF8D44CE2E954DF7
C:\Windows\System32\DRIVERS\bScsiSDa.sys 0C1EEE5AF32402D306874B110DE237EC
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\eamonm.sys FE96AA1A36E76588C80DF1040286DDE1
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\edevmon.sys FD4BC52A6978A50A81B01E2C74D8737E
C:\Windows\System32\DRIVERS\ehdrv.sys 807BA90D47F8885C09E1D6AFBB706E18
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfwwfpr.sys FEE856E92AFCC61DA146F186E291FFD7
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys 26CF4275034214ECEDD8EC17B0A18A99
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 9937600A1584FF00565D5379EB4C9EDB
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 455B75C19BF3F1F2EE3AC10E1169826C
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60
C:\Windows\System32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647
C:\Windows\system32\drivers\mwac.sys 15E8ABC06843672955CE26A009533BAD
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 9EB89625A82AC961F25E7C865947BF9A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys C3E0696C3B42F694C5822776AA6FFFDF
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9B93CC9C70EDE60A9C486E7719DB9E8D
C:\Windows\System32\DRIVERS\nvpciflt.sys F76296368BB813E0C6996501A3271C7C
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SmartDefragDriver.sys DD0443BC6CC78A19FD399817F8C51401
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss6.sys 2A6F99C1E2D25C4C920A37E07BB26291
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 11:51 - 2014-08-29 11:55 - 00045218 _____ () C:\Users\Gabi\Desktop\Shortcut.txt
2014-08-29 11:49 - 2014-08-29 11:55 - 00030976 _____ () C:\Users\Gabi\Desktop\Addition.txt
2014-08-29 11:46 - 2014-08-29 12:01 - 00033166 _____ () C:\Users\Gabi\Desktop\FRST.txt
2014-08-29 11:46 - 2014-08-29 12:01 - 00000000 ____D () C:\FRST
2014-08-29 11:14 - 2014-08-29 11:14 - 00005602 _____ () C:\Users\Gabi\Desktop\exe-fix.bat
2014-08-29 09:41 - 2014-08-29 09:41 - 00000525 _____ () C:\Users\Gabi\Desktop\Vergleich.bat
2014-08-29 09:35 - 2014-08-29 09:36 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Gabi\Desktop\ShadowExplorer-0.9-setup.exe
2014-08-29 08:08 - 2014-08-29 08:08 - 02103296 _____ (Farbar) C:\Users\Gabi\Desktop\FRST64.exe
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\ProgramData\ESET
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\Program Files\ESET
2014-08-29 06:17 - 2014-08-29 06:17 - 01695680 _____ (ESET) C:\Users\Gabi\Desktop\eset_nod32_antivirus_live_installer_.exe
2014-08-29 04:25 - 2014-08-29 04:25 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 ____D () C:\Users\TEMP
2014-08-29 04:25 - 2014-07-23 14:14 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\GlarySoft
2014-08-29 04:25 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 04:25 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-29 04:16 - 2014-08-29 04:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-08-29 04:16 - 2014-08-29 04:16 - 00002298 _____ () C:\Users\Public\Desktop\Epson Stylus SX210_SX410_TX210_TX410 Handbuch.lnk
2014-08-29 03:47 - 2014-08-29 03:47 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\InstallShield
2014-08-28 15:36 - 2014-08-28 15:36 - 00001560 _____ () C:\Users\Gabi\Desktop\Windows -Antimalware.lnk
2014-08-28 15:09 - 2014-08-28 15:10 - 00000000 ____D () C:\Users\Gabi\Dokumente\Ereignisprotokoll & Diskreport
2014-08-28 13:20 - 2014-08-28 13:20 - 00000000 ___RD () C:\GABI-PC -SICHERUNGEN-
2014-08-28 13:09 - 2014-08-28 13:09 - 00001103 _____ () C:\Users\Gabi\Desktop\TRAILERPARK.lnk
2014-08-28 13:08 - 2014-08-28 13:08 - 00001056 _____ () C:\Users\Gabi\Desktop\257ERS.lnk
2014-08-28 09:31 - 2014-08-28 09:31 - 00001549 _____ () C:\Users\Gabi\Desktop\Malware -bytes.lnk
2014-08-28 08:46 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:46 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:46 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 08:43 - 2014-08-28 08:43 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-08-27 17:15 - 2014-08-28 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardRecovery
2014-08-27 16:20 - 2014-08-29 04:23 - 00006753 _____ () C:\Windows\DtcInstall.log
2014-08-27 16:11 - 2014-08-28 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Suggestor
2014-08-27 16:11 - 2014-08-28 13:00 - 00000000 ____D () C:\Program Files (x86)\Smart Suggestor
2014-08-27 15:36 - 2014-08-27 15:36 - 00000656 _____ () C:\Users\Gabi\Desktop\pdf-editor_setup_full1155.exe.lnk
2014-08-27 14:16 - 2014-08-28 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2014-08-27 12:27 - 2014-08-27 12:27 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\SpeedMaxPc
2014-08-27 12:27 - 2014-08-27 12:27 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\DriverCure
2014-08-27 12:26 - 2014-08-27 15:01 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-08-27 12:21 - 2014-08-27 12:21 - 00002056 _____ () C:\Users\Gabi\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-08-27 12:21 - 2014-08-27 12:21 - 00002052 _____ () C:\Users\Gabi\Desktop\TuneUp Utilities 2014.lnk
2014-08-26 16:14 - 2014-08-26 16:14 - 00001362 _____ () C:\Users\Gabi\Desktop\BEST OF TRAILERPARK & 257ERS.lnk
2014-08-26 13:35 - 2014-08-26 13:35 - 00003544 ____N () C:\bootsqm.dat
2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Users\Gabi\Dokumente\Epson Handbuch
2014-08-26 08:38 - 2013-12-10 09:51 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-08-26 08:38 - 2013-12-10 09:51 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-08-26 08:34 - 2014-08-28 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-08-26 08:34 - 2014-08-28 13:00 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-08-26 08:34 - 2014-08-26 08:34 - 00002173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-08-26 08:34 - 2013-12-10 09:51 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-08-26 08:34 - 2013-12-10 09:51 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-08-26 08:34 - 2013-12-10 09:51 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-08-25 16:56 - 2014-08-28 15:36 - 00000000 ____D () C:\Users\Gabi\Downloads\Windows Downlaods
2014-08-25 16:55 - 2014-08-28 13:00 - 00000000 ____D () C:\Users\Gabi\Downloads\Downloads nachschauen
2014-08-25 16:50 - 2014-08-25 16:50 - 00001472 _____ () C:\Windows\IE11_main.log
2014-08-25 10:01 - 2014-08-28 13:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-25 10:01 - 2014-08-28 12:59 - 00000000 ____D () C:\Windows\ShellNew
2014-08-25 10:01 - 2014-08-25 10:01 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-08-25 01:39 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-25 01:39 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-08-25 01:39 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-25 01:39 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-25 01:31 - 2014-08-25 01:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 01:09 - 2014-08-29 07:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 01:09 - 2014-08-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-25 01:09 - 2014-08-25 01:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-25 01:09 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 01:09 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 01:09 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-24 22:17 - 2014-08-28 13:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2014-08-24 22:17 - 2014-08-24 22:59 - 00002099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-08-24 20:15 - 2014-08-28 12:59 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-24 20:15 - 2014-08-28 12:59 - 00000000 ____D () C:\Windows\system32\NV
2014-08-24 20:03 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-24 20:03 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-24 20:03 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-24 20:03 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-24 20:03 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-24 20:03 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-24 20:03 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-24 20:03 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-24 20:03 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-24 20:03 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-24 20:03 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-24 20:03 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-24 20:03 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-24 20:03 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-24 20:03 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-24 20:03 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-24 20:02 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-08-24 20:02 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-08-24 20:02 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-08-24 20:02 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-08-24 20:02 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-08-24 19:54 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-24 19:54 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-08-24 19:54 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-08-24 19:54 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-08-22 15:59 - 2014-08-22 15:59 - 00002992 _____ () C:\Windows\System32\Tasks\{C48A051A-2315-41EF-9F4B-F0E795C9B490}
2014-08-22 14:19 - 2014-08-22 14:19 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\Macromedia
2014-08-22 13:39 - 2014-08-25 18:06 - 00002968 _____ () C:\Windows\System32\Tasks\{935254F1-69CA-4F8E-9052-9433F872F202}
2014-08-22 13:23 - 2014-08-29 04:23 - 00004922 _____ () C:\Windows\setupact.log
2014-08-22 13:23 - 2014-08-29 04:12 - 00006848 _____ () C:\Windows\PFRO.log
2014-08-22 13:23 - 2014-08-28 09:38 - 00293120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-22 09:06 - 2014-08-28 13:00 - 00000000 ___HD () C:\Windows\Icons
2014-08-21 17:03 - 2014-08-26 08:39 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-08-21 07:46 - 2014-08-21 07:48 - 00001197 _____ () C:\Users\Gabi\Desktop\Fotos.lnk
2014-08-21 07:21 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 07:21 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 07:21 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 07:21 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 07:21 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 07:21 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 07:21 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 07:21 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 07:21 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 07:21 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 07:21 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 07:21 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 07:21 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 07:21 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 14:57 - 2014-08-26 08:34 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\TuneUp Software
2014-08-20 14:46 - 2014-08-28 13:37 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\vlc
2014-08-20 11:32 - 2014-08-21 07:43 - 00001755 _____ () C:\Users\Gabi\Desktop\Suchvorgänge.lnk
2014-08-20 11:27 - 2014-08-20 15:10 - 00000000 ___RD () C:\Users\Gabi\Suchen
2014-08-17 02:29 - 2014-08-17 02:30 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-16 19:34 - 2014-08-16 19:34 - 00003028 _____ () C:\Windows\System32\Tasks\{14D869DD-E476-4211-9A2B-7DB47C22235C}
2014-08-16 11:54 - 2014-08-16 11:54 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-08-14 10:38 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 10:38 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 10:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 10:38 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 10:38 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 10:38 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 10:38 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 10:38 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 02:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 02:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 02:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 02:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 02:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 02:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 02:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 02:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 02:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 02:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 02:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 02:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 02:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 02:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 02:13 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 02:13 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 02:13 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 02:13 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 02:13 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 02:13 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 02:13 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 02:13 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 02:13 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 02:13 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 02:13 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 02:13 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 02:13 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 02:13 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 02:13 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 02:13 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 02:13 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 02:13 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 02:13 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 02:13 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 02:13 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 02:13 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 02:13 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 02:13 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 02:13 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 02:13 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 02:13 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 02:13 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 02:13 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 02:13 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 02:13 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 02:13 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 02:13 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 02:13 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 02:13 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 02:13 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 02:13 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 02:13 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 02:13 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 02:13 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 02:13 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 02:13 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 02:13 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 02:13 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 02:13 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 02:13 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 02:13 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 02:13 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 02:13 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 02:13 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 02:13 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 02:13 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 02:13 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 02:13 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 02:13 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 02:13 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 02:13 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 02:13 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 02:13 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 02:13 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 02:13 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 02:13 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 02:13 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 02:13 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 02:13 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 02:13 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 02:13 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 02:13 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 02:13 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 02:13 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 14:47 - 2014-08-16 14:49 - 00076329 _____ () C:\Windows\system32\ScanResults.xml
2014-08-13 14:43 - 2014-08-16 14:47 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-08-10 08:50 - 2014-08-10 19:50 - 00000163 _____ () C:\Windows\Reimage.ini
2014-08-09 01:18 - 2014-08-09 01:18 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-08-01 23:00 - 2014-08-22 13:22 - 00327680 _____ () C:\Windows\system32\Ikeext.etl
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 12:01 - 2014-08-29 11:46 - 00033166 _____ () C:\Users\Gabi\Desktop\FRST.txt
2014-08-29 12:01 - 2014-08-29 11:46 - 00000000 ____D () C:\FRST
2014-08-29 11:55 - 2014-08-29 11:51 - 00045218 _____ () C:\Users\Gabi\Desktop\Shortcut.txt
2014-08-29 11:55 - 2014-08-29 11:49 - 00030976 _____ () C:\Users\Gabi\Desktop\Addition.txt
2014-08-29 11:14 - 2014-08-29 11:14 - 00005602 _____ () C:\Users\Gabi\Desktop\exe-fix.bat
2014-08-29 10:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-29 09:41 - 2014-08-29 09:41 - 00000525 _____ () C:\Users\Gabi\Desktop\Vergleich.bat
2014-08-29 09:36 - 2014-08-29 09:35 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Gabi\Desktop\ShadowExplorer-0.9-setup.exe
2014-08-29 09:34 - 2012-06-08 12:02 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3220686304-206382180-1288161846-1001Core.job
2014-08-29 08:08 - 2014-08-29 08:08 - 02103296 _____ (Farbar) C:\Users\Gabi\Desktop\FRST64.exe
2014-08-29 07:51 - 2012-02-26 03:19 - 01505820 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 07:45 - 2014-08-25 01:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\ProgramData\ESET
2014-08-29 06:20 - 2014-08-29 06:20 - 00000000 ____D () C:\Program Files\ESET
2014-08-29 06:17 - 2014-08-29 06:17 - 01695680 _____ (ESET) C:\Users\Gabi\Desktop\eset_nod32_antivirus_live_installer_.exe
2014-08-29 05:29 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 05:29 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 04:45 - 2014-08-29 04:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-08-29 04:31 - 2011-10-11 13:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-29 04:25 - 2014-08-29 04:25 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-08-29 04:25 - 2014-08-29 04:25 - 00000000 ____D () C:\Users\TEMP
2014-08-29 04:23 - 2014-08-27 16:20 - 00006753 _____ () C:\Windows\DtcInstall.log
2014-08-29 04:23 - 2014-08-22 13:23 - 00004922 _____ () C:\Windows\setupact.log
2014-08-29 04:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 04:21 - 2014-07-11 04:24 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-29 04:20 - 2014-07-09 15:23 - 00000000 ____D () C:\ProgramData\UDL
2014-08-29 04:18 - 2014-07-09 15:18 - 00000000 ____D () C:\Program Files (x86)\epson
2014-08-29 04:16 - 2014-08-29 04:16 - 00002298 _____ () C:\Users\Public\Desktop\Epson Stylus SX210_SX410_TX210_TX410 Handbuch.lnk
2014-08-29 04:15 - 2014-07-09 15:18 - 00000000 ____D () C:\ProgramData\EPSON
2014-08-29 04:12 - 2014-08-22 13:23 - 00006848 _____ () C:\Windows\PFRO.log
2014-08-29 04:03 - 2012-02-26 12:11 - 00773502 _____ () C:\Windows\system32\perfh007.dat
2014-08-29 04:03 - 2012-02-26 12:11 - 00176440 _____ () C:\Windows\system32\perfc007.dat
2014-08-29 04:03 - 2009-07-14 07:13 - 01807946 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 03:47 - 2014-08-29 03:47 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\InstallShield
2014-08-28 17:38 - 2014-02-16 09:52 - 00000680 __RSH () C:\Users\Gabi\ntuser.pol
2014-08-28 17:38 - 2012-06-08 12:14 - 00000000 ____D () C:\Users\Gabi
2014-08-28 16:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 16:32 - 2012-06-08 12:14 - 00000000 ___RD () C:\Users\Gabi\Dokumente
2014-08-28 15:36 - 2014-08-28 15:36 - 00001560 _____ () C:\Users\Gabi\Desktop\Windows -Antimalware.lnk
2014-08-28 15:36 - 2014-08-25 16:56 - 00000000 ____D () C:\Users\Gabi\Downloads\Windows Downlaods
2014-08-28 15:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-28 15:10 - 2014-08-28 15:09 - 00000000 ____D () C:\Users\Gabi\Dokumente\Ereignisprotokoll & Diskreport
2014-08-28 15:04 - 2014-02-03 07:59 - 00000000 ____D () C:\Users\Gabi\Dokumente\Wichtige Unterlagen ARBEIT
2014-08-28 15:03 - 2014-02-03 07:51 - 00000000 ____D () C:\Users\Gabi\Dokumente\Stadtwerke
2014-08-28 15:03 - 2013-07-08 00:06 - 00000000 ____D () C:\Users\Gabi\Dokumente\Schule Dario
2014-08-28 15:02 - 2014-02-03 08:04 - 00000000 ____D () C:\Users\Gabi\Dokumente\MUSTERBRIEFE VERBRAUCHERZENTRALE
2014-08-28 14:59 - 2014-03-04 11:52 - 00000000 ____D () C:\Users\Gabi\Dokumente\Kindergeld
2014-08-28 14:59 - 2014-01-12 14:40 - 00000000 ____D () C:\Users\Gabi\Dokumente\Marco
2014-08-28 14:58 - 2014-05-13 18:14 - 00000000 ____D () C:\Users\Gabi\Dokumente\HPG 14.05.2014
2014-08-28 14:58 - 2014-02-21 12:58 - 00000000 ____D () C:\Users\Gabi\Dokumente\Jobcenter
2014-08-28 14:58 - 2014-02-03 08:05 - 00000000 ____D () C:\Users\Gabi\Dokumente\Jugendamt
2014-08-28 14:57 - 2013-07-08 00:10 - 00000000 ____D () C:\Users\Gabi\Dokumente\Hammes
2014-08-28 14:56 - 2014-02-03 08:03 - 00000000 ____D () C:\Users\Gabi\Dokumente\HAMM HÜRRÜNGÜN
2014-08-28 14:56 - 2014-02-03 07:54 - 00000000 ____D () C:\Users\Gabi\Dokumente\Frau Laumann
2014-08-28 14:55 - 2013-07-08 00:08 - 00000000 ____D () C:\Users\Gabi\Dokumente\Base
2014-08-28 14:55 - 2013-07-06 06:29 - 00000000 ____D () C:\Users\Gabi\Fotos
2014-08-28 14:54 - 2014-05-10 18:59 - 00000000 ____D () C:\Users\Gabi\Dokumente\CALLA
2014-08-28 14:54 - 2013-07-08 00:16 - 00000000 ____D () C:\Users\Gabi\Dokumente\A-Amt
2014-08-28 14:53 - 2013-07-08 00:03 - 00000000 ____D () C:\Users\Gabi\Dokumente\Dario
2014-08-28 13:47 - 2014-05-01 19:52 - 00000000 ____D () C:\Users\Gabi\Dokumente\Alle Frequenzen im BOS und Polizeifunk im 8m, 4m, 2m und 70cm Band_files
2014-08-28 13:46 - 2014-05-03 21:47 - 00000000 ____D () C:\Users\Gabi\Dokumente\mt
2014-08-28 13:37 - 2014-08-20 14:46 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\vlc
2014-08-28 13:20 - 2014-08-28 13:20 - 00000000 ___RD () C:\GABI-PC -SICHERUNGEN-
2014-08-28 13:09 - 2014-08-28 13:09 - 00001103 _____ () C:\Users\Gabi\Desktop\TRAILERPARK.lnk
2014-08-28 13:08 - 2014-08-28 13:08 - 00001056 _____ () C:\Users\Gabi\Desktop\257ERS.lnk
2014-08-28 13:00 - 2014-08-27 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Suggestor
2014-08-28 13:00 - 2014-08-27 16:11 - 00000000 ____D () C:\Program Files (x86)\Smart Suggestor
2014-08-28 13:00 - 2014-08-26 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-08-28 13:00 - 2014-08-26 08:34 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-08-28 13:00 - 2014-08-25 16:55 - 00000000 ____D () C:\Users\Gabi\Downloads\Downloads nachschauen
2014-08-28 13:00 - 2014-08-25 10:01 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-28 13:00 - 2014-08-24 22:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2014-08-28 13:00 - 2014-08-22 09:06 - 00000000 ___HD () C:\Windows\Icons
2014-08-28 13:00 - 2012-02-26 03:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 13:00 - 2012-02-26 03:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-28 13:00 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-28 13:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-28 13:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-28 13:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-08-28 12:59 - 2014-08-25 10:01 - 00000000 ____D () C:\Windows\ShellNew
2014-08-28 12:59 - 2014-08-24 20:15 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-28 12:59 - 2014-08-24 20:15 - 00000000 ____D () C:\Windows\system32\NV
2014-08-28 12:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-08-28 12:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-28 10:09 - 2014-08-27 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardRecovery
2014-08-28 09:54 - 2014-08-27 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2014-08-28 09:38 - 2014-08-22 13:23 - 00293120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 09:31 - 2014-08-28 09:31 - 00001549 _____ () C:\Users\Gabi\Desktop\Malware -bytes.lnk
2014-08-28 08:43 - 2014-08-28 08:43 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-08-27 15:36 - 2014-08-27 15:36 - 00000656 _____ () C:\Users\Gabi\Desktop\pdf-editor_setup_full1155.exe.lnk
2014-08-27 15:01 - 2014-08-27 12:26 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-08-27 12:27 - 2014-08-27 12:27 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\SpeedMaxPc
2014-08-27 12:27 - 2014-08-27 12:27 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\DriverCure
2014-08-27 12:21 - 2014-08-27 12:21 - 00002056 _____ () C:\Users\Gabi\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-08-27 12:21 - 2014-08-27 12:21 - 00002052 _____ () C:\Users\Gabi\Desktop\TuneUp Utilities 2014.lnk
2014-08-27 10:41 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2014-08-26 16:14 - 2014-08-26 16:14 - 00001362 _____ () C:\Users\Gabi\Desktop\BEST OF TRAILERPARK & 257ERS.lnk
2014-08-26 14:22 - 2012-08-06 19:00 - 01782226 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-26 13:35 - 2014-08-26 13:35 - 00003544 ____N () C:\bootsqm.dat
2014-08-26 10:47 - 2014-04-11 13:27 - 00000000 ____D () C:\Users\Gabi\Dokumente\Gespräch Fr. Starp 11.04.2014
2014-08-26 10:44 - 2014-04-27 18:31 - 00000000 ____D () C:\Users\Gabi\Dokumente\WINDOWS REPAIR
2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Users\Gabi\Dokumente\Epson Handbuch
2014-08-26 10:16 - 2014-06-26 20:44 - 00000000 ____D () C:\Fotos von Marco´s Handy; versuvh
2014-08-26 10:16 - 2014-03-04 11:34 - 00000000 ____D () C:\Users\Gabi\Dokumente\Mietvertrag Hohe Strasse
2014-08-26 10:15 - 2014-03-04 14:14 - 00000000 ____D () C:\Users\Gabi\Dokumente\SCHMITZ NK 2013
2014-08-26 10:15 - 2014-03-04 11:55 - 00000000 ____D () C:\Users\Gabi\Dokumente\UVG
2014-08-26 10:13 - 2014-03-04 11:25 - 00000000 ____D () C:\Users\Gabi\Dokumente\SCHEIDUNGSURTEIL
2014-08-26 10:12 - 2014-03-04 18:22 - 00000000 ____D () C:\Users\Gabi\Dokumente\STADTWERKE JAHRESRECCHNUNG GAS - 2013
2014-08-26 10:12 - 2014-03-04 11:30 - 00000000 ____D () C:\Users\Gabi\Dokumente\Ablauf ALG-I-Bezug
2014-08-26 08:55 - 2012-02-26 03:39 - 00000000 ____D () C:\ProgramData\install_clap
2014-08-26 08:39 - 2014-08-21 17:03 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-08-26 08:34 - 2014-08-26 08:34 - 00002173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-08-26 08:34 - 2014-08-20 14:57 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\TuneUp Software
2014-08-25 18:10 - 2013-02-09 08:41 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\NCH Software
2014-08-25 18:06 - 2014-08-22 13:39 - 00002968 _____ () C:\Windows\System32\Tasks\{935254F1-69CA-4F8E-9052-9433F872F202}
2014-08-25 16:50 - 2014-08-25 16:50 - 00001472 _____ () C:\Windows\IE11_main.log
2014-08-25 10:01 - 2014-08-25 10:01 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-08-25 01:31 - 2014-08-25 01:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-25 01:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-08-25 01:09 - 2014-08-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-25 01:09 - 2014-08-25 01:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-24 22:59 - 2014-08-24 22:17 - 00002099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-08-24 20:15 - 2012-02-26 03:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-23 04:07 - 2014-08-28 08:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:59 - 2014-08-22 15:59 - 00002992 _____ () C:\Windows\System32\Tasks\{C48A051A-2315-41EF-9F4B-F0E795C9B490}
2014-08-22 14:19 - 2014-08-22 14:19 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\Macromedia
2014-08-22 13:29 - 2012-09-08 17:45 - 00002057 _____ () C:\Windows\epplauncher.mif
2014-08-22 13:22 - 2014-08-01 23:00 - 00327680 _____ () C:\Windows\system32\Ikeext.etl
2014-08-22 12:13 - 2012-06-08 12:17 - 00001433 _____ () C:\Users\Gabi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 19:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-21 17:26 - 2013-10-05 18:52 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-08-21 17:26 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-21 16:46 - 2013-12-31 01:19 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2014-08-21 16:46 - 2013-11-10 13:18 - 00003500 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Gabi-PC-Gabi
2014-08-21 16:46 - 2012-09-08 21:02 - 00003786 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-08-21 08:35 - 2013-10-22 09:12 - 00001148 _____ () C:\Users\Gabi\Desktop\Uninstall Manager Start.lnk
2014-08-21 08:35 - 2013-01-26 17:38 - 00000000 ___RD () C:\Users\Gabi\Desktop\Uninstall Manager Setup-Datei
2014-08-21 07:48 - 2014-08-21 07:46 - 00001197 _____ () C:\Users\Gabi\Desktop\Fotos.lnk
2014-08-21 07:43 - 2014-08-20 11:32 - 00001755 _____ () C:\Users\Gabi\Desktop\Suchvorgänge.lnk
2014-08-21 07:42 - 2014-03-12 13:31 - 00001766 _____ () C:\Users\Gabi\Desktop\Eigene Dokumente.lnk
2014-08-21 07:42 - 2013-07-06 09:21 - 00001042 _____ () C:\Users\Gabi\Desktop\Gabi.lnk
2014-08-21 07:35 - 2014-02-22 19:58 - 00001796 _____ () C:\Users\Gabi\Desktop\MP3 MINIMAL Techno.lnk
2014-08-21 07:34 - 2014-02-22 19:58 - 00001775 _____ () C:\Users\Gabi\Desktop\MP3 ACID Techno.lnk
2014-08-20 17:47 - 2014-07-11 05:11 - 00000000 ____D () C:\inetpub
2014-08-20 15:10 - 2014-08-20 11:27 - 00000000 ___RD () C:\Users\Gabi\Suchen
2014-08-20 14:54 - 2012-09-26 15:16 - 00000000 ____D () C:\Users\SYSTEM
2014-08-20 13:35 - 2014-05-28 07:02 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-20 13:35 - 2014-05-28 06:56 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\GlarySoft
2014-08-20 10:10 - 2011-10-11 14:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-17 02:31 - 2011-10-11 14:00 - 00000000 ____D () C:\ProgramData\WildTangent
2014-08-17 02:31 - 2011-10-11 14:00 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-08-17 02:30 - 2014-08-17 02:29 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-16 19:34 - 2014-08-16 19:34 - 00003028 _____ () C:\Windows\System32\Tasks\{14D869DD-E476-4211-9A2B-7DB47C22235C}
2014-08-16 14:49 - 2014-08-13 14:47 - 00076329 _____ () C:\Windows\system32\ScanResults.xml
2014-08-16 14:47 - 2014-08-13 14:43 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-08-16 11:54 - 2014-08-16 11:54 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-08-14 10:48 - 2013-09-01 13:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 10:37 - 2014-05-09 12:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-10 19:50 - 2014-08-10 08:50 - 00000163 _____ () C:\Windows\Reimage.ini
2014-08-09 04:13 - 2014-05-28 06:56 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\DiskDefrag
2014-08-09 01:18 - 2014-08-09 01:18 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-08-07 04:06 - 2014-08-14 02:13 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 02:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 00:22 - 2014-05-31 23:54 - 00000000 ____D () C:\Users\Gabi\Dokumente\DVDVideoSoft
2014-08-01 22:32 - 2014-03-14 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-01 21:37 - 2014-07-29 12:16 - 00000000 ____D () C:\Users\Gabi\Dokumente\Treibersicherung
2014-08-01 01:41 - 2014-08-14 02:13 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 02:13 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 23:41 - 2012-09-08 01:14 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Gabi\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Gabi\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Gabi\AppData\Local\Temp\InstHelper.exe
C:\Users\Gabi\AppData\Local\Temp\Player_Setup.exe
C:\Users\Gabi\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Gabi\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Gabi\AppData\Local\Temp\Setup.exe
C:\Users\Gabi\AppData\Local\Temp\_is14F6.exe
C:\Users\Gabi\AppData\Local\Temp\_is3919.exe
C:\Users\Gabi\AppData\Local\Temp\_is46A0.exe
C:\Users\Gabi\AppData\Local\Temp\_is4A67.exe
C:\Users\Gabi\AppData\Local\Temp\_is710A.exe
C:\Users\Gabi\AppData\Local\Temp\_is88CE.exe
C:\Users\Gabi\AppData\Local\Temp\_isC9B4.exe
C:\Users\Gabi\AppData\Local\Temp\_isD7C8.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {59be5274-6060-11e1-a589-81634de44ff0}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {59be5276-6060-11e1-a589-81634de44ff0}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {59be5274-6060-11e1-a589-81634de44ff0}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {59be5276-6060-11e1-a589-81634de44ff0}
device ramdisk=[C:]\Recovery\59be5276-6060-11e1-a589-81634de44ff0\Winre.wim,{59be5277-6060-11e1-a589-81634de44ff0}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\59be5276-6060-11e1-a589-81634de44ff0\Winre.wim,{59be5277-6060-11e1-a589-81634de44ff0}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {59be5274-6060-11e1-a589-81634de44ff0}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {59be5277-6060-11e1-a589-81634de44ff0}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\59be5276-6060-11e1-a589-81634de44ff0\boot.sdi
LastRegBack: 2014-08-17 09:04
==================== End Of Log ============================
--- --- ---
--- --- ---
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Gabi at 2014-08-29 12:02:23
Running from C:\Users\Gabi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Epson Stylus SX210_SX410_TX210_TX410 Handbuch (HKLM-x32\...\Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{EDD78A07-776B-417C-817B-35BB00F12EBF}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Malwarebytes
Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaHuman Audio Converter Version 1.9 (HKLM-x32\...\MediaHuman Audio Converter_is1) (Version: 1.9 - MediaHuman)
MediaHuman YouTube to MP3 Converter Version 3.5.3 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.5.3 - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3600 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.23000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3504 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Smart Suggestor (HKLM-x32\...\Smart Suggestor) (Version: 1.2.13.0 - Think Tank Labs, LLC)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.216 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.216 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.216 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
Uninstall Manager 5.3 (HKLM\...\{45BFB5F0-19B7-4564-B787-A3BAAA0E5AA1}_is1) (Version: 5.3 - Martin Fuchs)
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3504 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3220686304-206382180-1288161846-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3220686304-206382180-1288161846-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
25-08-2014 03:20:03 Windows Update
25-08-2014 08:01:09 Windows Modules Installer
25-08-2014 14:14:07 Windows Modules Installer
25-08-2014 16:06:33 TuneUp Utilities 2014 wird entfernt
25-08-2014 16:08:13 TuneUp Utilities 2014 (de-DE) wird entfernt
26-08-2014 06:28:13 TuneUp Utilities 2014 wird installiert
28-08-2014 07:34:17 Windows Update
28-08-2014 10:51:54 Wiederherstellungsvorgang
29-08-2014 02:01:01 Installiert InstallShield Wiederherstellungspunkt
29-08-2014 02:17:02 Installiert InstallShield Wiederherstellungspunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {18A439AB-78C9-4EE6-B6F8-4521D6B0C053} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {20C6C438-10E3-4766-99F8-1B13B8AF4FF0} - System32\Tasks\{935254F1-69CA-4F8E-9052-9433F872F202} => C:\Program Files (x86)\NCH Software\Switch\switch.exe
Task: {2F2CE611-F235-422A-AED6-168C2AD516BB} - \PC Performer No Task File <==== ATTENTION
Task: {6C021162-AB55-4260-87C6-562AB6B1984B} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {76C64681-7712-4D01-B978-59621C6FF4A3} - System32\Tasks\{C48A051A-2315-41EF-9F4B-F0E795C9B490} => C:\Program Files (x86)\TuneUp Utilities 2014\StartupOptimizer.exe [2013-12-10] (TuneUp Software)
Task: {8E45A426-73B1-4CC7-A9D5-CBE5ED671E77} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {A25BFC0C-0EC1-42F5-9DB3-BF9F7B10CA4D} - \EPUpdater No Task File <==== ATTENTION
Task: {A813132B-4E48-4E37-89BD-B2445E187C0F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3220686304-206382180-1288161846-1001Core => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {C617A6F7-EBFF-42BA-A891-34D66C0B1AC6} - System32\Tasks\Google Updater and Installer => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {CD5AE839-7FE6-4EA4-9320-1B02D276B61E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {DE849EFF-F5DB-4830-B944-B70F485A4B89} - System32\Tasks\AdobeAAMUpdater-1.0-Gabi-PC-Gabi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {E7C75A9D-6285-431D-AC1D-C50845E86D56} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {E88E9EFB-C3C2-405C-B1D7-4BD2A1D05CFC} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {F2C5D482-18FD-4A57-9C70-0ECA2316437B} - \DealPly No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3220686304-206382180-1288161846-1001Core.job => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-02-26 03:26 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-06 09:14 - 2007-01-18 03:32 - 00146432 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxctdrpp.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-10 09:51 - 2013-12-10 09:51 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-08-14 11:06 - 2014-08-14 11:06 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7598189e5bf031ab690da3f2ae3b30ef\IsdiInterop.ni.dll
2011-10-11 13:50 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-15 18:27 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 18:27 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 18:27 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 18:27 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 18:27 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2014 05:11:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 474
Startzeit: 01cfc336aef67c7b
Endzeit: 0
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 16d51970-2f2a-11e4-a2a3-dc0ea19a135d
Error: (08/29/2014 04:25:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (08/29/2014 04:25:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
Error: (08/29/2014 04:24:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 04:17:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3220686304-206382180-1288161846-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {d758659b-9bab-4b6c-9332-426e3262ecaf}
Error: (08/29/2014 04:15:58 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (08/29/2014 04:15:58 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
Error: (08/29/2014 04:14:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 04:11:34 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (08/29/2014 04:11:34 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
System errors:
=============
Error: (08/29/2014 06:20:25 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ESET Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/29/2014 04:53:08 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E151C35F-D4CF-4E7D-A7CF-D4380577DC42}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (08/29/2014 04:23:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Error: (08/29/2014 04:13:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Error: (08/29/2014 04:12:18 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst TuneUp Utilities Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (08/29/2014 04:09:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Error: (08/29/2014 03:51:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Error: (08/29/2014 03:31:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Error: (08/28/2014 06:31:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E151C35F-D4CF-4E7D-A7CF-D4380577DC42}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (08/28/2014 05:38:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
qmhgf
Microsoft Office Sessions:
=========================
Error: (08/29/2014 05:11:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.1756747401cfc336aef67c7b0C:\Windows\explorer.exe16d51970-2f2a-11e4-a2a3-dc0ea19a135d
Error: (08/29/2014 04:25:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description:
Error: (08/29/2014 04:25:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description:
Error: (08/29/2014 04:24:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 04:17:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-3220686304-206382180-1288161846-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {d758659b-9bab-4b6c-9332-426e3262ecaf}
Error: (08/29/2014 04:15:58 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description:
Error: (08/29/2014 04:15:58 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description:
Error: (08/29/2014 04:14:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 04:11:34 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gabi-PC)
Description:
Error: (08/29/2014 04:11:34 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gabi-PC)
Description:
CodeIntegrity Errors:
===================================
Date: 2012-09-08 17:32:41.048
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Gabi\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-08 17:32:41.017
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Gabi\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-08 17:32:40.876
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-08 17:32:40.861
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 69%
Total physical RAM: 3947.86 MB
Available physical RAM: 1185.48 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 4694.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:277.99 GB) (Free:201.69 GB) NTFS
Drive d: (EPSON) (CDROM) (Total:0.22 GB) (Free:0 GB) CDFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:464.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 42F397A7)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=278 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 531C9FCC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
29.08.2014, 04:49
FRST 32-Bit | FRST 64-Bit
WARNUNG an die MITLESER: 
Linear-Darstellung
