Danke für die schnelle Hilfe!
Soll ich die Inhalte komplett hier rein kopieren oder die Dateien als Anhang hinzufügen? ... ich probiers mal so ;)
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by kry (administrator) on KRYSSY-PC on 19-11-2013 10:49:25
Running from C:\Users\kry\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2108200 2010-04-01] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4367808 2009-12-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [6988736 2009-12-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EPSON SX410 Series] - C:\Windows\Temp\E_S48CB.tmp [126 2010-09-13] ()
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKCU\...\Run: [iTunesHelper] - C:\Users\kry\AppData\Local\Temp\iTunesHelper.vbe [69558261 2013-11-01] () <===== ATTENTION
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\kry\LOCALS~1\Temp\ccaqgbqq.com <===== ATTENTION
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2009-12-22] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] - C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] - C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe [215656 2012-08-14] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\Thesis\...\Run: [EPSON SX410 Series] - C:\Users\Thesis\AppData\Local\Temp\E_S8C09.tmp [120 2013-08-28] ()
Startup: C:\Users\kry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe ()
Startup: C:\Users\kry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hiergehtslos.de
URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
SearchScopes: HKCU - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
SearchScopes: HKCU - {ADA953E5-008E-4A25-AA00-9985529799F0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=0CEA6643-A971-4AE9-97FF-76312243E848&apn_sauid=6A422439-A33A-451B-95CB-0DAB69449931
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20130806174321.dll (McAfee, Inc.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130806174323.dll (McAfee, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default
FF user.js: detected! => C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\user.js
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.hiergehtslos.de
FF NetworkProxy: "type", 0
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Google
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: BargainJoy - C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\Extensions\{74fa6b20-2ae6-4584-a4fd-4ac734f8d210}
FF Extension: Coupons Malibu - C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\Extensions\{8850f748-e69b-42ff-a449-7ad3cf153bcc}
FF Extension: Adblock Plus - C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: DealPly - C:\Users\kry\AppData\Roaming\Mozilla\Firefox\Profiles\whl4sty8.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Adobe Contribute CS5 ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (hxxp://www.google.de/) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmnpnigemplngipnaifonpimcjhjcpaj\2012.3.26.35353_0
CHR Extension: (Logitech SetPoint) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (hxxp://translate.google.de/) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekoegieboinnegkaeedfajabaobgfffl\2013.2.17.56252_0
CHR Extension: (BargainJoy) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\khongjfjjmklggionajlpjcpmnppdace\3.3.3.0_0
CHR Extension: (Skype Click to Call) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Google Wallet) - C:\Users\kry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [201864 2013-08-06] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [210056 2012-08-14] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [170440 2013-08-06] (McAfee, Inc.)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160952 2013-08-06] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [274880 2013-08-06] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [665768 2013-08-06] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [101200 2013-08-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [303464 2013-08-06] (McAfee, Inc.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [215168 2010-03-18] (Vimicro Corporation)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 BcmSqlStartupSvc;
U2 IviRegMgr;
U2 RichVideo;
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-19 10:49 - 2013-11-19 10:51 - 00023755 _____ C:\Users\kry\Desktop\FRST.txt
2013-11-19 10:49 - 2013-11-19 10:49 - 00000000 ____D C:\FRST
2013-11-19 10:47 - 2013-11-19 10:47 - 01957964 _____ (Farbar) C:\Users\kry\Desktop\FRST64.exe
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\Users\kry\AppData\Roaming\Malwarebytes
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-19 01:27 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-11-19 01:21 - 2013-11-19 01:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kry\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-14 20:12 - 2013-11-14 20:12 - 162101600 _____ C:\Users\kry\Desktop\silvester.psd
2013-11-14 10:39 - 2013-11-14 10:39 - 409497707 _____ C:\windows\MEMORY.DMP
2013-11-14 10:39 - 2013-11-14 10:39 - 00553072 _____ C:\windows\Minidump\111413-19297-01.dmp
2013-11-14 10:39 - 2013-11-14 10:39 - 00000000 ____D C:\windows\Minidump
2013-11-13 23:07 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-13 23:07 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-13 23:07 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-13 23:07 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-13 23:07 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-13 23:07 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-13 23:07 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-13 23:07 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-13 23:07 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-13 23:07 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-13 23:07 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-13 23:07 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 23:06 - 2013-11-13 23:07 - 00004767 _____ C:\windows\IE11_main.log
2013-11-13 21:01 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 21:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 21:01 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 21:01 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-13 21:01 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-13 21:01 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 21:01 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 21:01 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-13 21:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 21:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 21:01 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 21:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-13 21:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-13 21:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-13 21:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-13 21:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-13 21:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 21:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-13 21:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-13 21:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-13 21:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 21:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-13 21:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-13 21:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-13 21:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-13 21:00 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-13 21:00 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 21:00 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-13 21:00 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-13 21:00 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-05 10:49 - 2013-11-05 10:49 - 00000000 ____D C:\Users\kry\Documents\Add-in Express
2013-10-29 23:06 - 2013-10-29 23:06 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (3).exe
2013-10-28 13:01 - 2013-10-28 13:01 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (2).exe
2013-10-25 10:05 - 2013-10-25 10:06 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (1).exe
==================== One Month Modified Files and Folders =======
2013-11-19 10:51 - 2013-11-19 10:49 - 00023755 _____ C:\Users\kry\Desktop\FRST.txt
2013-11-19 10:49 - 2013-11-19 10:49 - 00000000 ____D C:\FRST
2013-11-19 10:47 - 2013-11-19 10:47 - 01957964 _____ (Farbar) C:\Users\kry\Desktop\FRST64.exe
2013-11-19 10:16 - 2011-04-19 10:01 - 00001104 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-19 09:36 - 2009-07-14 05:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-19 09:36 - 2009-07-14 05:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-19 09:35 - 2012-06-01 21:46 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0A499C9A-4089-4FF5-A8B0-217EE01C8B58}
2013-11-19 09:29 - 2011-04-19 10:01 - 00001100 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 09:28 - 2010-07-23 09:12 - 00541236 _____ C:\windows\PFRO.log
2013-11-19 09:28 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-19 09:28 - 2009-07-14 05:51 - 00148523 _____ C:\windows\setupact.log
2013-11-19 09:27 - 2010-07-23 08:53 - 01843237 _____ C:\windows\WindowsUpdate.log
2013-11-19 09:25 - 2013-02-17 10:59 - 00000000 ____D C:\ProgramData\VisualBee
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\Users\kry\AppData\Roaming\Malwarebytes
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 01:27 - 2013-11-19 01:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-19 01:21 - 2013-11-19 01:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kry\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-19 01:21 - 2010-08-28 15:47 - 00000000 ____D C:\Users\kry\AppData\Roaming\Skype
2013-11-19 00:21 - 2010-07-23 00:36 - 00653986 _____ C:\windows\system32\perfh007.dat
2013-11-19 00:21 - 2010-07-23 00:36 - 00131652 _____ C:\windows\system32\perfc007.dat
2013-11-19 00:21 - 2009-07-14 06:13 - 01501272 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-19 00:18 - 2010-08-26 19:44 - 00000000 ___RD C:\Users\kry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-19 00:01 - 2011-07-28 13:21 - 00000000 ____D C:\Users\kry\Desktop\haare
2013-11-17 22:37 - 2010-08-30 18:59 - 00000000 ____D C:\Users\kry\AppData\Local\Adobe
2013-11-15 00:15 - 2013-04-04 09:36 - 00000000 ____D C:\Users\kry\Documents\food and life
2013-11-14 20:12 - 2013-11-14 20:12 - 162101600 _____ C:\Users\kry\Desktop\silvester.psd
2013-11-14 11:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2013-11-14 10:39 - 2013-11-14 10:39 - 409497707 _____ C:\windows\MEMORY.DMP
2013-11-14 10:39 - 2013-11-14 10:39 - 00553072 _____ C:\windows\Minidump\111413-19297-01.dmp
2013-11-14 10:39 - 2013-11-14 10:39 - 00000000 ____D C:\windows\Minidump
2013-11-14 10:28 - 2010-09-05 21:26 - 00000000 ____D C:\Users\kry\Documents\1 Uni
2013-11-13 23:07 - 2013-11-13 23:06 - 00004767 _____ C:\windows\IE11_main.log
2013-11-13 23:04 - 2013-08-04 12:19 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 23:02 - 2010-10-24 09:51 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-05 10:50 - 2013-01-11 00:34 - 00000000 ____D C:\ProgramData\WinZip
2013-11-05 10:50 - 2010-08-26 19:43 - 00000000 ____D C:\Users\kry
2013-11-05 10:49 - 2013-11-05 10:49 - 00000000 ____D C:\Users\kry\Documents\Add-in Express
2013-11-05 10:48 - 2010-07-23 09:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-05 10:47 - 2013-01-20 13:31 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-04 10:59 - 2013-10-16 20:42 - 00000000 ____D C:\Users\kry\AppData\Roaming\Spotify
2013-11-02 22:04 - 2013-08-06 16:05 - 00000112 _____ C:\Users\kry\AppData\Roaming\WB.CFG
2013-11-02 22:04 - 2013-08-06 16:05 - 00000006 _____ C:\Users\kry\AppData\Roaming\WBPU-TTL.DAT
2013-10-30 17:48 - 2013-10-16 20:43 - 00000000 ____D C:\Users\kry\AppData\Local\Spotify
2013-10-29 23:06 - 2013-10-29 23:06 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (3).exe
2013-10-29 00:46 - 2010-08-28 15:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-29 00:46 - 2010-08-28 15:46 - 00000000 ____D C:\ProgramData\Skype
2013-10-28 13:01 - 2013-10-28 13:01 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (2).exe
2013-10-26 18:41 - 2011-12-17 20:00 - 00000000 ____D C:\Users\kry\Documents\interessante bilder
2013-10-25 10:06 - 2013-10-25 10:05 - 00096872 _____ (Spotify Ltd) C:\Users\kry\Downloads\SpotifySetup (1).exe
Files to move or delete:
====================
C:\Users\kry\AppData\Local\Temp\iTunesHelper.vbe
Some content of TEMP:
====================
C:\Users\kry\AppData\Local\Temp\APNStub.exe
C:\Users\kry\AppData\Local\Temp\DeleteVF.exe
C:\Users\kry\AppData\Local\Temp\DivXSetup.exe
C:\Users\kry\AppData\Local\Temp\FlashLock_v2.30.exe
C:\Users\kry\AppData\Local\Temp\GLF67CE.tmp.ConduitEngineSetup.exe
C:\Users\kry\AppData\Local\Temp\IcqUpdater.exe
C:\Users\kry\AppData\Local\Temp\InstallAX.exe
C:\Users\kry\AppData\Local\Temp\InstallPlugin.exe
C:\Users\kry\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\kry\AppData\Local\Temp\LMkRstPt.exe
C:\Users\kry\AppData\Local\Temp\SendMsg.dll
C:\Users\kry\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\kry\AppData\Local\Temp\SkypeSetup.exe
C:\Users\kry\AppData\Local\Temp\tbVuz1.dll
C:\Users\kry\AppData\Local\Temp\uninstall.exe
C:\Users\kry\AppData\Local\Temp\Yontoo-C2.exe
C:\Users\kry\AppData\Local\Temp\_is298F.exe
C:\Users\kry\AppData\Local\Temp\_is5A3F.exe
C:\Users\kry\AppData\Local\Temp\_isCF11.exe
C:\Users\Thesis\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-11 13:55
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by kry at 2013-11-19 10:53:28
Running from C:\Users\kry\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee VirusScan Enterprise (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1395.4512)
Adobe AIR (x32 Version: 3.4.0.2540)
Adobe Creative Suite 5.5 Master Collection (x32 Version: 5.5)
Adobe Download Assistant (x32 Version: 1.2.2)
Adobe Flash Player 10 ActiveX (x32 Version: 10.2.152.26)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Ashampoo Burning Studio 2010 Advanced (x32 Version: 9.2.4)
Bonjour (Version: 2.0.5.0)
Broadcom 802.11 Wireless Driver (x32 Version: 1.0.0.0)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.111.0.62)
CyberLink YouCam (x32 Version: 3.0.2421a)
DivX-Setup (x32 Version: 2.4.1.4)
Energy Management (x32 Version: 5.4.0.8)
Epson Easy Photo Print 2 (x32 Version: 2.1.0.0)
EPSON Scan (x32)
Epson Stylus SX210_SX410_TX210_TX410 Handbuch (x32)
EPSON SX410 Series Printer Uninstall
eReg (x32 Version: 1.20.138.34)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google SketchUp 8 (x32 Version: 3.0.11762)
Google Update Helper (x32 Version: 1.3.21.165)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.5.6.1001)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Lenovo DirectShare (x32 Version: 1.0.1.38)
Lenovo EasyCamera (x32 Version: 1.10.0415.1)
Lenovo OneKey Recovery (Version: 7.0.1230)
Lenovo OneKey Recovery (x32 Version: 7.0.1230)
Lenovo ReadyComm 5 (x32 Version: 5.1.1.20)
Lenovo ReadyComm 5.0 Service (x32 Version: 5.0.0.1)
Logitech SetPoint 6.52 (Version: 6.52.74)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Agent (x32 Version: 4.6.0.2988)
McAfee VirusScan Enterprise (x32 Version: 8.8.02004)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox (3.6.25) (x32 Version: 3.6.25 (de))
MSVCRT (x32 Version: 14.0.1468.721)
NVIDIA Drivers (Version: 1.10.61.39)
Onekey Theater (x32 Version: 2.0.1.7)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Settings CS5 (x32 Version: 10.0)
PxMergeModule (x32 Version: 1.00.0000)
QuickTime (x32 Version: 7.69.80.9)
Samsung Kies (x32 Version: 2.5.3.13052_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.9 (x32 Version: 6.9.106)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Synaptics Pointing Device Driver (Version: 15.0.15.0)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
VisualBee for Microsoft PowerPoint (HKCU Version: V3.6)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (Version: 10/19/2009 5.4.0.1)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:34 - 2011-05-26 18:36 - 00001085 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
==================== Scheduled Tasks (whitelisted) =============
Task: {35C7BAAE-59C8-4484-9F85-EE02DED55C06} - \DealPlyUpdate No Task File
Task: {4518700D-4115-46E8-9B06-833C9F4D7BDB} - System32\Tasks\{B40F39AF-C9F6-4661-B834-B2362CC96E27} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.)
Task: {4D03B994-CEF7-4AEA-95F7-82366C67B0AA} - System32\Tasks\{39B9A80C-7DA9-4D1A-A41A-61896BD683F2} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {59756C97-3EE0-4968-B295-D362DA878DA3} - System32\Tasks\DSite => C:\Users\kry\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: {5D64F279-33C5-41EE-9F62-303CE7694354} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19] (Google Inc.)
Task: {5E37FD28-A237-433A-8DBF-C46A92909AAC} - System32\Tasks\AdobeAAMUpdater-1.0-KRYSSY-PC-kry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {740D4A9B-1A00-4946-B285-49F44CDDF23C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {8A8B8932-A440-4F54-926B-B425E85C212C} - System32\Tasks\{34DEAA16-CDA3-4191-86FF-E8DAB16E84D7} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.)
Task: {DDFCC395-B00B-477A-89E4-38932ED6D4A0} - System32\Tasks\DealPly => C:\Users\kry\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE
Task: {E060BE07-86CE-4584-9FC5-D43A30FD92ED} - System32\Tasks\{9BC226FC-2D4D-4668-B0EC-D7D76390159B} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-09-13] (Microsoft Corporation)
Task: {E3A338F0-F023-4426-9CB5-B04D5034CEBF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA179A83-DE1E-4EF4-A868-0E387731831D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-07-23 09:37 - 2009-12-19 03:52 - 00201120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-07-23 09:37 - 2009-12-19 03:53 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-23 09:49 - 2009-07-15 16:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2010-07-23 09:49 - 2009-07-15 16:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2012-08-14 19:08 - 2012-08-14 19:08 - 00150328 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\WscAv.dll
2010-07-23 09:37 - 2009-12-19 03:50 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-07-23 09:37 - 2009-12-19 03:51 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2013-05-23 14:11 - 2013-05-23 14:11 - 00036352 _____ () C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
2013-05-23 14:12 - 2013-05-23 14:12 - 17163776 _____ () C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll
2013-05-23 14:11 - 2013-05-23 14:11 - 00564736 _____ () C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll
2013-05-23 09:15 - 2013-05-23 09:15 - 00023040 _____ () C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll
2013-05-22 19:34 - 2013-05-22 19:34 - 00057856 _____ () C:\Program Files (x86)\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-03-21 22:10 - 2011-03-21 22:10 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2010-07-23 09:06 - 2009-12-23 18:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-15 11:17 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 11:17 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 11:17 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 11:17 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 11:17 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-15 11:17 - 2013-11-14 12:29 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\kry\Lokale Einstellungen:sUftlFdkUBl7GdyZZqf8B9ma
AlternateDataStreams: C:\Users\kry\AppData\Local:sUftlFdkUBl7GdyZZqf8B9ma
AlternateDataStreams: C:\Users\kry\AppData\Local\2o6xLsT9CI:uesNgnaYLp4t4mdPnxrxGwQItI
AlternateDataStreams: C:\Users\kry\AppData\Local\Anwendungsdaten:sUftlFdkUBl7GdyZZqf8B9ma
AlternateDataStreams: C:\Users\kry\AppData\Local\Temp:AtOutXwBn9up0r8juu3sK
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2013 06:49:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/18/2013 05:03:39 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/14/2013 09:58:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DivXUpdate.exe, Version: 1.0.5.2, Zeitstempel: 0x4d87bea5
Name des fehlerhaften Moduls: netprofm.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bda75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000026ca
ID des fehlerhaften Prozesses: 0x1318
Startzeit der fehlerhaften Anwendung: 0xDivXUpdate.exe0
Pfad der fehlerhaften Anwendung: DivXUpdate.exe1
Pfad des fehlerhaften Moduls: DivXUpdate.exe2
Berichtskennung: DivXUpdate.exe3
Error: (11/14/2013 09:25:18 PM) (Source: McLogEvent) (User: NT-AUTORITÄT)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.
The process will be terminated.
Thread id : 2532 (0x9e4)
Thread address : 0x000000007719132A
Thread message :
Build VSCORE.15.0.0.466 / 5600.1067
Object being scanned = \Device\HarddiskVolume2\Users\kry\AppData\Roaming\Skype\kryssyg1\main.db-journal
by C:\Program Files (x86)\Skype\Phone\Skype.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)
Error: (11/14/2013 11:44:46 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/13/2013 01:40:55 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Error: (11/11/2013 02:55:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/07/2013 02:09:01 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/06/2013 10:42:49 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.9.0.106 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e94
Startzeit: 01ceda059f691ea0
Endzeit: 410
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: 5a774e71-472c-11e3-88d5-b74db364315c
Error: (11/05/2013 03:41:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (11/19/2013 10:55:29 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:54:49 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:54:08 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:53:25 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:52:43 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:52:02 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:51:21 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:50:39 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:49:57 AM) (Source: DCOM) (User: )
Description: localBenjamin
Error: (11/19/2013 10:49:14 AM) (Source: DCOM) (User: )
Description: localBenjamin
Microsoft Office Sessions:
=========================
Error: (11/18/2013 06:49:54 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (11/18/2013 05:03:39 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (11/14/2013 09:58:02 PM) (Source: Application Error)(User: )
Description: DivXUpdate.exe1.0.5.24d87bea5netprofm.dll6.1.7600.163854a5bda75c0000005000026ca131801cee11dded261fbC:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exeC:\windows\System32\netprofm.dll72b464f6-4d6f-11e3-b308-994426ab0439
Error: (11/14/2013 09:25:18 PM) (Source: McLogEvent)(User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002532 (0x9e4)0x000000007719132A
Build VSCORE.15.0.0.466 / 5600.1067
Object being scanned = \Device\HarddiskVolume2\Users\kry\AppData\Roaming\Skype\kryssyg1\main.db-journal
by C:\Program Files (x86)\Skype\Phone\Skype.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)
Error: (11/14/2013 11:44:46 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (11/13/2013 01:40:55 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Error: (11/11/2013 02:55:44 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (11/07/2013 02:09:01 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (11/06/2013 10:42:49 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.9.0.106e9401ceda059f691ea0410C:\Program Files (x86)\Skype\Phone\Skype.exe5a774e71-472c-11e3-88d5-b74db364315c
Error: (11/05/2013 03:41:41 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 58%
Total physical RAM: 2998.85 MB
Available physical RAM: 1233.63 MB
Total Pagefile: 5995.88 MB
Available Pagefile: 2954.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:300.31 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.1 GB) NTFS
Drive g: () (Removable) (Total:3.8 GB) (Free:3.74 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 29EF9C86)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=422 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: C81A0496)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
==================== End Of Log ============================ |