hey, sorry :)
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by Elisabeth (administrator) on 17-07-2013 18:34:19
Running from C:\Users\Elisabeth\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Dropbox, Inc.) C:\Users\Elisabeth\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corp.)
HKCU\...\Run: [Google Update] - C:\Users\Elisabeth\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-05] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Elisabeth\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-03] (Facebook Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
MountPoints2: {8cf25002-3ba1-11e2-865a-dca97132a9c8} - G:\.\Autorun.exe AUTORUN=1
MountPoints2: {8cf25011-3ba1-11e2-865a-dca97132a9c8} - G:\.\Autorun.exe AUTORUN=1
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe" [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
Startup: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Elisabeth\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Elisabeth\AppData\Roaming\Mozilla\Firefox\Profiles\esk07l2n.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Elisabeth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Elisabeth\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Elisabeth\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Elisabeth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Extension: (Google Docs) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Gmail) - C:\Users\ELISAB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - "C:\Users\Elisabeth\AppData\Local\Google\Chrome\Application\chrome.exe"
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [329544 2012-03-26] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2010-11-18] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
S3 MEMSWEEP2; C:\windows\system32\7C3C.tmp [6144 2009-06-18] (Sophos Plc)
S3 MEMSWEEP2; C:\windows\system32\7C3C.tmp [6144 2009-06-18] (Sophos Plc)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-21] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-21] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\FRST
2013-07-17 18:33 - 2013-07-17 18:33 - 01778209 _____ (Farbar) C:\Users\Elisabeth\Downloads\FRST64.exe
2013-07-17 18:06 - 2013-07-17 18:06 - 00029136 _____ C:\Users\Elisabeth\Downloads\AdwCleaner[S1].txt
2013-07-17 18:06 - 2013-07-17 18:06 - 00029136 _____ C:\Users\Elisabeth\Downloads\AdwCleaner[S1] (1).txt
2013-07-17 17:06 - 2013-07-17 17:06 - 00023651 _____ C:\Users\Elisabeth\Desktop\logfiles.odt
2013-07-17 17:00 - 2013-07-17 17:00 - 00011682 _____ C:\Users\Elisabeth\Desktop\JRT.txt
2013-07-17 16:51 - 2013-07-17 16:51 - 00000000 ____D C:\windows\ERUNT
2013-07-17 13:18 - 2013-07-17 13:20 - 00001080 _____ C:\AdwCleaner[S2].txt
2013-07-17 13:16 - 2013-07-17 13:16 - 00001019 _____ C:\AdwCleaner[R1].txt
2013-07-17 12:51 - 2013-07-17 12:53 - 00029136 _____ C:\AdwCleaner[S1].txt
2013-07-17 12:51 - 2013-07-17 12:53 - 00000300 _____ C:\windows\DeleteOnReboot.bat
2013-07-17 12:49 - 2013-07-17 17:02 - 00017551 _____ C:\Users\Elisabeth\Desktop\logdata.odt
2013-07-17 11:48 - 2013-07-17 12:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-17 11:47 - 2013-07-17 11:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 11:43 - 2013-07-17 11:43 - 00000000 ____D C:\Users\Elisabeth\Desktop\mbar-1.06.0.1004
2013-07-16 21:10 - 2013-07-16 21:10 - 00559035 _____ (Oleg N. Scherbakov) C:\Users\Elisabeth\Desktop\JRT.exe
2013-07-16 21:06 - 2013-07-16 21:06 - 00662345 _____ C:\Users\Elisabeth\Desktop\adwcleaner.exe
2013-07-16 21:01 - 2013-07-16 21:02 - 13399154 _____ C:\Users\Elisabeth\Desktop\mbar-1.06.0.1004.zip
2013-07-16 20:42 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\7C3C.tmp
2013-07-16 20:33 - 2013-07-16 20:33 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-16 20:33 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\2F90.tmp
2013-07-16 20:24 - 2013-07-16 20:25 - 01339288 _____ C:\Users\Elisabeth\Downloads\sar_15_sfx.exe
2013-07-16 20:24 - 2013-07-16 20:25 - 01339288 _____ C:\Users\Elisabeth\Downloads\sar_15_sfx (1).exe
2013-07-14 22:54 - 2013-07-16 13:16 - 00027499 _____ C:\Users\Elisabeth\Desktop\gedanken.odt
2013-07-13 00:18 - 2013-07-13 11:27 - 00015474 _____ C:\Users\Elisabeth\Desktop\letter.odt
2013-07-12 11:10 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-12 11:10 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-12 11:10 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-12 11:10 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-12 11:10 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-12 11:10 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-12 11:10 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-12 11:10 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-12 11:10 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-12 11:10 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-12 11:10 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-12 11:10 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-12 11:10 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-12 11:10 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-12 11:10 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-12 11:10 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-12 11:10 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 11:10 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-12 11:10 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-12 11:10 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-12 11:09 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-12 11:09 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-12 11:09 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-12 11:09 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-11 08:28 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-11 08:28 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-11 08:28 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-11 08:28 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-11 08:28 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-11 08:28 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-11 08:28 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 15:21 - 2013-07-10 15:21 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-09 22:28 - 2013-07-09 22:28 - 00015291 _____ C:\Users\Elisabeth\Desktop\Unbenannt 1.odt
2013-07-05 11:00 - 2013-07-05 11:00 - 00157696 _____ C:\Users\Elisabeth\Downloads\VIDEO_TS.VOB
2013-07-05 02:01 - 2013-07-05 02:01 - 00002245 _____ C:\Users\Elisabeth\Desktop\My Movie.wlmp
2013-07-05 00:11 - 2013-07-05 01:54 - 1638355166 _____ C:\Users\Elisabeth\Downloads\skydrive-2013-07-04.zip
2013-07-05 00:11 - 2013-07-05 00:55 - 564789248 _____ C:\Users\Elisabeth\Downloads\VTS_01_3.VOB
2013-07-04 22:23 - 2013-07-05 00:02 - 1073565696 _____ C:\Users\Elisabeth\Downloads\VTS_01_2.VOB
2013-07-04 19:53 - 2013-07-04 21:23 - 1073565696 _____ C:\Users\Elisabeth\Downloads\VTS_01_1.VOB
2013-07-04 17:59 - 2013-07-04 18:03 - 45166592 _____ C:\Users\Elisabeth\Downloads\VTS_01_0.VOB
2013-07-01 20:22 - 2013-07-01 20:22 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2013-06-30 23:42 - 2013-06-30 23:42 - 00069112 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-30 23:42 - 2013-06-30 23:42 - 00000620 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-06-30 23:42 - 2013-06-30 23:42 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Iminent
2013-06-30 23:39 - 2013-06-30 23:39 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Avira
2013-06-30 23:34 - 2013-06-30 23:34 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Apple Computer
2013-06-30 23:34 - 2013-06-30 23:34 - 00000000 ____D C:\Users\Guest\AppData\Local\Power2Go
2013-06-30 23:33 - 2013-06-30 23:33 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2013-06-30 23:33 - 2013-06-30 23:33 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-06-30 23:32 - 2013-06-30 23:33 - 00000000 ____D C:\Users\Guest
2013-06-30 23:32 - 2013-06-30 23:32 - 00000020 ___SH C:\Users\Guest\ntuser.ini
==================== One Month Modified Files and Folders =======
2013-07-17 18:34 - 2013-07-17 18:34 - 00000000 ____D C:\FRST
2013-07-17 18:33 - 2013-07-17 18:33 - 01778209 _____ (Farbar) C:\Users\Elisabeth\Downloads\FRST64.exe
2013-07-17 18:31 - 2012-06-26 21:09 - 00001116 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 18:14 - 2012-06-05 09:54 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA.job
2013-07-17 18:06 - 2013-07-17 18:06 - 00029136 _____ C:\Users\Elisabeth\Downloads\AdwCleaner[S1].txt
2013-07-17 18:06 - 2013-07-17 18:06 - 00029136 _____ C:\Users\Elisabeth\Downloads\AdwCleaner[S1] (1).txt
2013-07-17 18:03 - 2012-12-01 14:07 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 17:06 - 2013-07-17 17:06 - 00023651 _____ C:\Users\Elisabeth\Desktop\logfiles.odt
2013-07-17 17:02 - 2013-07-17 12:49 - 00017551 _____ C:\Users\Elisabeth\Desktop\logdata.odt
2013-07-17 17:00 - 2013-07-17 17:00 - 00011682 _____ C:\Users\Elisabeth\Desktop\JRT.txt
2013-07-17 16:51 - 2013-07-17 16:51 - 00000000 ____D C:\windows\ERUNT
2013-07-17 16:50 - 2012-08-03 18:45 - 00000944 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA.job
2013-07-17 16:49 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-17 16:49 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-17 16:47 - 2009-07-14 07:13 - 00726444 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-17 16:43 - 2012-06-05 09:49 - 00000000 ____D C:\Users\ELISAB~1\AppData\Local\CrashDumps
2013-07-17 16:41 - 2012-10-02 20:37 - 00000000 ___RD C:\Users\Elisabeth\Dropbox
2013-07-17 16:41 - 2012-10-02 19:59 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\Dropbox
2013-07-17 16:40 - 2013-01-22 14:18 - 00030038 _____ C:\windows\setupact.log
2013-07-17 16:40 - 2012-06-26 21:09 - 00001112 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 16:40 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-17 13:24 - 2011-09-13 22:06 - 01513052 _____ C:\windows\WindowsUpdate.log
2013-07-17 13:20 - 2013-07-17 13:18 - 00001080 _____ C:\AdwCleaner[S2].txt
2013-07-17 13:16 - 2013-07-17 13:16 - 00001019 _____ C:\AdwCleaner[R1].txt
2013-07-17 12:53 - 2013-07-17 12:51 - 00029136 _____ C:\AdwCleaner[S1].txt
2013-07-17 12:53 - 2013-07-17 12:51 - 00000300 _____ C:\windows\DeleteOnReboot.bat
2013-07-17 12:48 - 2013-07-17 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-17 11:47 - 2013-07-17 11:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 11:43 - 2013-07-17 11:43 - 00000000 ____D C:\Users\Elisabeth\Desktop\mbar-1.06.0.1004
2013-07-16 22:14 - 2012-06-05 09:54 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core.job
2013-07-16 21:10 - 2013-07-16 21:10 - 00559035 _____ (Oleg N. Scherbakov) C:\Users\Elisabeth\Desktop\JRT.exe
2013-07-16 21:06 - 2013-07-16 21:06 - 00662345 _____ C:\Users\Elisabeth\Desktop\adwcleaner.exe
2013-07-16 21:02 - 2013-07-16 21:01 - 13399154 _____ C:\Users\Elisabeth\Desktop\mbar-1.06.0.1004.zip
2013-07-16 20:33 - 2013-07-16 20:33 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-16 20:25 - 2013-07-16 20:24 - 01339288 _____ C:\Users\Elisabeth\Downloads\sar_15_sfx.exe
2013-07-16 20:25 - 2013-07-16 20:24 - 01339288 _____ C:\Users\Elisabeth\Downloads\sar_15_sfx (1).exe
2013-07-16 19:50 - 2012-08-03 18:45 - 00000922 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core.job
2013-07-16 13:16 - 2013-07-14 22:54 - 00027499 _____ C:\Users\Elisabeth\Desktop\gedanken.odt
2013-07-15 12:14 - 2013-02-04 17:35 - 00002024 _____ C:\windows\PFRO.log
2013-07-13 11:27 - 2013-07-13 00:18 - 00015474 _____ C:\Users\Elisabeth\Desktop\letter.odt
2013-07-13 10:26 - 2012-06-26 21:09 - 00004112 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 10:26 - 2012-06-26 21:09 - 00003860 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 22:09 - 2012-06-05 09:54 - 00004114 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA
2013-07-12 22:09 - 2012-06-05 09:54 - 00003718 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core
2013-07-12 11:27 - 2009-07-14 06:45 - 00304768 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-12 11:25 - 2013-03-15 14:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 11:25 - 2013-03-15 14:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 11:25 - 2011-09-13 21:48 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 11:25 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 11:25 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 15:21 - 2013-07-10 15:21 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-09 22:28 - 2013-07-09 22:28 - 00015291 _____ C:\Users\Elisabeth\Desktop\Unbenannt 1.odt
2013-07-09 14:15 - 2012-06-05 12:26 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\Skype
2013-07-05 12:19 - 2013-01-19 02:39 - 00032768 ___SH C:\Users\Elisabeth\Thumbs.db
2013-07-05 11:00 - 2013-07-05 11:00 - 00157696 _____ C:\Users\Elisabeth\Downloads\VIDEO_TS.VOB
2013-07-05 02:01 - 2013-07-05 02:01 - 00002245 _____ C:\Users\Elisabeth\Desktop\My Movie.wlmp
2013-07-05 01:54 - 2013-07-05 00:11 - 1638355166 _____ C:\Users\Elisabeth\Downloads\skydrive-2013-07-04.zip
2013-07-05 00:55 - 2013-07-05 00:11 - 564789248 _____ C:\Users\Elisabeth\Downloads\VTS_01_3.VOB
2013-07-05 00:02 - 2013-07-04 22:23 - 1073565696 _____ C:\Users\Elisabeth\Downloads\VTS_01_2.VOB
2013-07-04 21:23 - 2013-07-04 19:53 - 1073565696 _____ C:\Users\Elisabeth\Downloads\VTS_01_1.VOB
2013-07-04 18:03 - 2013-07-04 17:59 - 45166592 _____ C:\Users\Elisabeth\Downloads\VTS_01_0.VOB
2013-07-04 15:45 - 2012-06-07 18:53 - 00000000 ____D C:\Users\Elisabeth\Documents\Wi e.V
2013-07-01 23:13 - 2013-05-07 14:51 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-07-01 21:29 - 2013-02-06 16:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 20:22 - 2013-07-01 20:22 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2013-06-30 23:42 - 2013-06-30 23:42 - 00069112 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-30 23:42 - 2013-06-30 23:42 - 00000620 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-06-30 23:42 - 2013-06-30 23:42 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Iminent
2013-06-30 23:39 - 2013-06-30 23:39 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Avira
2013-06-30 23:34 - 2013-06-30 23:34 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Apple Computer
2013-06-30 23:34 - 2013-06-30 23:34 - 00000000 ____D C:\Users\Guest\AppData\Local\Power2Go
2013-06-30 23:33 - 2013-06-30 23:33 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2013-06-30 23:33 - 2013-06-30 23:33 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-06-30 23:33 - 2013-06-30 23:32 - 00000000 ____D C:\Users\Guest
2013-06-30 23:32 - 2013-06-30 23:32 - 00000020 ___SH C:\Users\Guest\ntuser.ini
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-15 13:09
==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by Elisabeth at 2013-07-17 18:36:15
Running from C:\Users\Elisabeth\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
µTorrent (x32 Version: 3.2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 2.3)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.3882)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot (x32 Version: 2.2.0.82)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
CyberLink Media Suite (x32 Version: 8.0.2227)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00)
CyberLink MediaShow (x32 Version: 5.0.1130a)
CyberLink Power2Go (x32 Version: 6.1.3802)
CyberLink PowerDirector (x32 Version: 8.0.3306)
CyberLink YouCam (x32 Version: 3.1.4417)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)
Dropbox (HKCU Version: 2.0.22)
eaner (Version: 3.19)
Easy File Share (x32 Version: 1.1.1699)
Easy Migration (x32 Version: 1.0)
Easy Settings (x32 Version: 1.1)
Easy Software Manager (x32 Version: 1.1.16.14)
Easy Support Center 1.0 (x32 Version: 1.1.36)
ETDWare PS/2-X64 10.0.7.2_WHQL (Version: 10.0.7.2)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Farm Frenzy (x32 Version: 2.2.0.82)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (HKCU Version: 28.0.1500.72)
Google Earth Plug-in (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.153)
Hotspot Shield 2.52 (x32 Version: 2.52)
Iminent (x32 Version: 6.25.21.0)
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
Intel PROSet Wireless (x32)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2266)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (Version: 1.1.0.0157)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.0.0537)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.5.1001)
iTunes (Version: 10.6.3.25)
John Deere Drive Green (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 18.0.1 (x86 en-US) (x32 Version: 18.0.1)
Mozilla Maintenance Service (x32 Version: 18.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
NVIDIA Display Control Panel (Version: 6.14.12.6883)
NVIDIA Graphics Driver 268.83 (Version: 268.83)
NVIDIA Install Application (Version: 2.265.42.0)
NVIDIA Optimus 1.0.23 (Version: 1.0.23)
NVIDIA Update Components (Version: 1.0.23)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
PDFCreator (x32 Version: 1.4.3)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Golfer (x32 Version: 2.2.0.82)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
QuickTime (x32 Version: 7.73.80.64)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6413)
Samsung Kies (x32 Version: 2.5.0.12114_1)
Samsung Recovery Solution 5 (x32 Version: 5.0.1.5)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Screenshot Captor 3.08.01 (x32)
Skype Click to Call (x32 Version: 6.9.12585)
Skype™ 6.3 (x32 Version: 6.3.107)
Software Launcher (x32 Version: 1.0.2)
Sophos Anti-Rootkit 1.5.0 (x32 Version: 1.5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
User Guide (x32 Version: 1.2)
Verbindungsassistent (x32 Version: 3.1)
WildTangent Games (x32 Version: 1.0.1.5)
WildTangent ORB Game Console (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3508.1109)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
09-07-2013 07:25:47 Windows Update
11-07-2013 21:38:10 Windows Update
12-07-2013 23:25:27 Windows Update
16-07-2013 11:28:11 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {040003E2-29D6-4436-8564-CF68F78DF48D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA => C:\Users\Elisabeth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {0882678A-EFD8-4085-9534-91D8121F23E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {0D71A6F9-F64E-4457-BC94-2A3842D66752} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core => C:\Users\Elisabeth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {1477CE17-E402-4DE3-9C80-2C8233CE7A97} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-08-08] (Samsung Electronics Co., Ltd.)
Task: {1DB57520-03A7-4D3F-8B05-4D511EB93E43} - System32\Tasks\SmartSetting => %programfiles(x86)%\Samsung\Easy Settings\SmartSetting.exe No File
Task: {2B0EDA0E-C6E1-457C-82A5-8D463E4D595B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA => C:\Users\Elisabeth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-03] (Facebook Inc.)
Task: {37943192-86C8-4A0A-9E92-54F40D92B4E7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {679FB943-C8A0-4F74-9BD4-FEB09AEF5554} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core => C:\Users\Elisabeth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-03] (Facebook Inc.)
Task: {68E24269-470E-4A72-BDAA-938A41BCA65E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {74335213-D215-4A4B-AE40-E3E03776AE3B} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: {74A29C83-A49A-42FE-9593-0FDB9F4F5E1D} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe No File
Task: {85B40303-BD4A-4C74-A7F4-1ED3E2B32D31} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {877E2608-CA61-4223-8E87-CB6F29FE24D6} - System32\Tasks\MovieColorEnhancer => %programfiles(x86)%\Samsung\Easy Settings\MovieColorEnhancer.exe No File
Task: {9655EAFC-5E44-424F-80BE-E4C86198E3AF} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\Samsung\Easy Settings\EasySpeedUpManager.exe No File
Task: {A62B4788-6403-4A65-9C25-22D21F00BD26} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {B0243A75-DFF8-4813-BA2A-0854E85EE37D} - System32\Tasks\SCCSpeedBoot => %programfiles(x86)%\Samsung\Easy Settings\SCCSpeedBoot.exe No File
Task: {C20D8AA3-1291-418E-87A0-510F99E2D263} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {C60F5381-CF58-4990-987A-A9CE879A4439} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe No File
Task: {CD693684-FD1D-4823-9115-CE6AFD388F23} - System32\Tasks\Easy Software Manager Agent => %ProgramFiles(x86)%\Samsung\Easy Software Manager\SWMAgent.exe No File
Task: {FDFB215D-D035-435F-891D-78BF23F000F8} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core.job => C:\Users\Elisabeth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA.job => C:\Users\Elisabeth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001Core.job => C:\Users\Elisabeth\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-172548596-2727891301-2952503750-1001UA.job => C:\Users\Elisabeth\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-07-16 22:06:15.075
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 22:06:14.935
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 21:57:17.592
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 21:57:17.436
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:42:21.809
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:42:21.672
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\7C3C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:37:08.186
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\2F90.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:37:08.042
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\2F90.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:34:04.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\2F90.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-16 20:34:04.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\2F90.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 77%
Total physical RAM: 1961.55 MB
Available physical RAM: 449.65 MB
Total Pagefile: 3923.09 MB
Available Pagefile: 1515.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:101 GB) (Free:38.41 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:176.25 GB) (Free:115.9 GB) NTFS (Disk=0 Partition=4)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4BE5CEE5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=101 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21 GB) - (Type=27)
==================== End Of Log ============================

Regards, e.kay