LinkesAuge | 20.01.2014 19:41 | Yes, I was able to start Windows normally again.
Here are the results of the scan:
Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by Leinad at 2014-01-20 19:40:27
Running from C:\Users\Leinad\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
1.3M WebCam (x32 Version: 2.103.13.11 - ALi)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (x32 Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.3 (x32 Version: 12.0.3 - Ashampoo GmbH & Co. KG)
Broadcom 802.11 Network Adapter (Version: 5.100.82.95 - Broadcom Corporation)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 15.4.13.1 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.03 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crusader Kings II (x32 Version: - Paradox Development Studio)
DAEMON Tools Pro Advanced (x32 Version: - )
Driver Genius (x32 Version: 12.0 - )
Dropbox (HKCU Version: 1.6.16 - Dropbox, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
Europa Universalis IV (x32 Version: - Paradox Development Studio)
Europa Universalis IV (x32 Version: - Paradox Interactive)
FTL version 1.03.3 (x32 Version: 1.03.3 - Subset Games)
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
HD Tune Pro 5.00 (x32 Version: - EFD Software)
Hearts of Iron III (x32 Version: - Paradox Interactive)
HWiNFO64 Version 4.08 (Version: 4.08 - Martin Malík - REALiX)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (Version: 2.0 - AppWork GmbH)
JDownloader 2 (x32 Version: 2 - AppWork GmbH)
K-Lite Codec Pack 9.6.5 (64-bit) (Version: 9.6.5 - )
K-Lite Mega Codec Pack 9.6.5 (x32 Version: 9.6.5 - )
lightshot-4.4.2.10 (x32 Version: 4.4.2.10 - Skillbrains)
Macro Recorder 5.7.1 (x32 Version: 5.7.1 - Jitbit Software)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
NSU (x32 Version: 2.02.1030 - ZyXEL)
O&O Defrag Professional (Version: 16.0.139 - O&O Software GmbH)
OpenAL (x32 Version: - )
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
SABnzbd 0.7.11 (x32 Version: 0.7.11 - The SABnzbd Team)
Sins of a Solar Empire: Trinity (x32 Version: - )
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SopCast 3.5.0 (x32 Version: 3.5.0 - www.sopcast.com)
Spybot - Search & Destroy (x32 Version: 2.2.25 - Safer-Networking Ltd.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (Version: 16.0.2.0 - Synaptics Incorporated)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tunngle beta (x32 Version: - Tunngle.net GmbH)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
31-12-2013 23:23:19 Windows Update
07-01-2014 17:05:33 Windows Update
14-01-2014 08:22:31 Windows Update
14-01-2014 12:47:04 Install Macro Express 3
14-01-2014 12:55:23 Recorder wird installiert
14-01-2014 15:48:30 Recorder wird entfernt
16-01-2014 02:00:13 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-01-20 18:46 - 00450671 ____R C:\Windows\system32\Drivers\etc\hosts
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {100EAD7C-B020-4BA3-8A7C-B318D36B02FC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {6D12D26F-203E-4A32-8F72-EFBD17272670} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {75FF9CCB-97CE-437E-BFF9-A737EDEBA54E} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {7D96F7B9-248C-47C1-B498-16C8AEFB9413} - System32\Tasks\Windows Update Check - 0x1FE004EA => C:\ProgramData\Windows
Task: {7F977D1C-4214-44AE-92B6-A0099CDAD028} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {996A1C28-BC2C-4812-8C67-35CF2D24244B} - System32\Tasks\Google Updater and Installer => C:\Users\Leinad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {9B4D629E-0485-4355-AB7A-E3848ACAFE37} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {9DDF2013-45BF-4972-9D6B-78C704B5254D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001UA => C:\Users\Leinad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {BA4524C1-AC4E-412E-BEA6-34F68B6E22D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001Core => C:\Users\Leinad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {C1687034-753E-45EE-91E6-8FEDE7A97A21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {F37A5E2E-A1BA-4845-8FC6-477D95844F2E} - System32\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001Core.job => C:\Users\Leinad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001UA.job => C:\Users\Leinad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-14 16:33 - 2013-05-14 16:33 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2013-12-29 08:01 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-29 08:01 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-29 08:01 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-29 08:01 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-29 08:01 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-16 01:53 - 2014-01-11 11:28 - 00715544 _____ () C:\Users\Leinad\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 01:53 - 2014-01-11 11:28 - 00100120 _____ () C:\Users\Leinad\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 01:53 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\Leinad\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 01:53 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\Leinad\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 01:53 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\Leinad\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/20/2014 05:19:23 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (01/20/2014 03:49:56 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (01/20/2014 03:45:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/20/2014 03:23:38 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
System errors:
=============
Error: (01/20/2014 06:53:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (01/20/2014 06:53:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (01/20/2014 06:53:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (01/20/2014 06:53:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (01/20/2014 06:53:19 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801
Error: (01/20/2014 06:53:19 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801
Error: (01/20/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (01/20/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (01/20/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (01/20/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/20/2014 05:25:11 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/20/2014 05:19:23 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2014 03:49:56 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2014 03:45:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/20/2014 03:29:41 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/20/2014 03:23:38 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-12-30 11:05:22.132
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-30 11:05:22.131
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-30 11:05:22.129
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-30 11:05:22.112
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-30 11:05:22.110
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-30 11:05:22.109
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 19:00:32.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 19:00:32.821
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 19:00:32.820
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 18:35:55.769
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3958.71 MB
Available physical RAM: 2042.04 MB
Total Pagefile: 7915.6 MB
Available Pagefile: 5996.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:185.54 GB) NTFS
Drive f: (LEINADSTICK) (Removable) (Total:29.87 GB) (Free:29.86 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: A1350D26)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=699 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
==================== End Of Log ============================
FRST.txt: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Leinad (administrator) on LEINLAP on 20-01-2014 19:39:40
Running from C:\Users\Leinad\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\Leinad\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-01] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd)
HKCU\...\Run: [GoogleChromeAutoLaunch_7AD2AFED9D39E992AEB379F21168A69A] - C:\Users\Leinad\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
HKCU\...\Run: [LightShot] - C:\Users\Leinad\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] ()
HKCU\...\Policies\Explorer: [NoViewContextMenu] 1
MountPoints2: {ebf7cddd-2aaf-11e3-9bb8-88ae1d985a3e} - F:\HTC_Sync_Manager_PC.exe
==================== Internet (Whitelisted) ====================
ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9A710BC4912ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1388288126&from=cor&uid=ST750LX003-1AC154_W200MS6CXXXXW200MS6C&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Leinad\AppData\Roaming\Mozilla\Firefox\Profiles\1vom9fni.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Leinad\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Leinad\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Leinad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR Extension: (Google Drive) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12]
CHR Extension: (Adblock Plus) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-12]
CHR Extension: (JDownloader Integration for Google Chrome\u2122) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2013-12-12]
CHR Extension: (Two-Click JDownloader) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2013-12-12]
CHR Extension: (Premiumize.me) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2013-12-12]
CHR Extension: (Dark Horizon) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjjeokpcnllmmbbipeaagmdpdpiadin [2013-12-12]
CHR Extension: (Google Wallet) - C:\Users\Leinad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
==================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [204288 2012-08-02] (Broadcom Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2552176 2012-09-14] (O&O Software GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-13] (DT Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-07-12] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [190232 2010-08-05] (Windows (R) Win 7 DDK provider)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 athr; system32\DRIVERS\athrx.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 19:39 - 2014-01-20 19:40 - 00013809 _____ C:\Users\Leinad\Desktop\FRST.txt
2014-01-20 19:39 - 2014-01-20 16:33 - 02076672 _____ (Farbar) C:\Users\Leinad\Desktop\FRST64.exe
2014-01-20 18:46 - 2013-05-31 16:18 - 00000854 _____ C:\Windows\system32\Drivers\etc\hosts.20140120-184626.backup
2014-01-20 17:27 - 2014-01-20 17:30 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2014-01-20 16:46 - 2014-01-20 16:46 - 00000000 ____D C:\FRST
2014-01-15 22:58 - 2014-01-20 19:22 - 00000390 _____ C:\Windows\Tasks\update-sys.job
2014-01-15 22:58 - 2014-01-20 18:45 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001.job
2014-01-15 22:58 - 2014-01-15 22:58 - 02727456 _____ (Skillbrains ) C:\Users\Leinad\Downloads\setup-lightshot.exe
2014-01-15 22:58 - 2014-01-15 22:58 - 00003286 _____ C:\Windows\System32\Tasks\update-sys
2014-01-15 22:58 - 2014-01-15 22:58 - 00003266 _____ C:\Windows\System32\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001
2014-01-15 22:58 - 2014-01-15 22:58 - 00000443 _____ C:\Users\Leinad\AppData\Local\UserProducts.xml
2014-01-15 22:58 - 2014-01-15 22:58 - 00000003 _____ C:\Users\Leinad\AppData\Local\updater.log
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Users\Leinad\AppData\Local\Skillbrains
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2014-01-15 06:48 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 06:48 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 06:48 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 06:48 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 01:58 - 2014-01-18 17:19 - 00384013 _____ C:\Users\Leinad\Desktop\gge leinad und chef gold.mcr
2014-01-15 00:34 - 2014-01-15 00:43 - 00000039 _____ C:\Users\Leinad\Desktop\AP Übernahme.txt
2014-01-14 18:41 - 2014-01-14 18:43 - 00029452 _____ C:\Users\Leinad\Desktop\gge gold chrome.mcr
2014-01-14 16:43 - 2014-01-14 16:43 - 00029431 _____ C:\Users\Leinad\Desktop\gge gold.mcr
2014-01-14 14:14 - 2014-01-14 14:32 - 00000000 ____D C:\Program Files (x86)\MacroRecorder
2014-01-14 14:14 - 2014-01-14 14:14 - 00719360 _____ (Jitbit Software ) C:\Users\Leinad\Downloads\MacroRecorderSetup.exe
2014-01-14 14:14 - 2014-01-14 14:14 - 00001102 _____ C:\Users\Public\Desktop\Macro Recorder.lnk
2014-01-14 13:56 - 2014-01-14 14:03 - 00000000 ____D C:\Users\Leinad\Documents\Recorder
2014-01-14 13:56 - 2014-01-14 13:56 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Recorder
2014-01-14 13:54 - 2014-01-14 16:45 - 00000000 ____D C:\Users\Leinad\Downloads\mouseandkeyrec
2014-01-14 13:54 - 2014-01-14 13:54 - 03274843 _____ C:\Users\Leinad\Downloads\mouseandkeyrec.zip
2014-01-14 13:53 - 2014-01-14 13:52 - 00047438 _____ C:\Users\Leinad\Documents\macex_bak000.~mex
2014-01-14 13:48 - 2014-01-14 13:52 - 00047438 _____ C:\Users\Leinad\Documents\macex.mex
2014-01-14 13:47 - 2014-01-14 13:47 - 00000000 ____D C:\ProgramData\Insight Software Solutions
2014-01-14 13:46 - 2014-01-14 13:46 - 23310272 _____ C:\Users\Leinad\Downloads\macex3.exe
2014-01-14 13:44 - 2014-01-14 13:44 - 00000916 _____ C:\Users\Leinad\Desktop\GGE.lnk
2014-01-14 13:42 - 2014-01-14 13:46 - 00000000 ____D C:\Program Files (x86)\Ghost Control
2014-01-14 13:42 - 2014-01-14 13:44 - 00000000 ____D C:\Users\Leinad\Documents\Ghost Control
2014-01-14 13:42 - 2009-12-02 21:57 - 00000032 _____ C:\Windows\SysWOW64\comcnt.sys
2014-01-14 13:42 - 2008-04-14 05:41 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll
2014-01-14 13:42 - 1998-06-26 00:00 - 00644400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-01-14 13:42 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCT232.OCX
2014-01-14 13:42 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-01-14 13:41 - 2014-01-14 13:41 - 03373928 _____ (N.R.S. ) C:\Users\Leinad\Documents\ghostcontrol3.exe
2014-01-13 21:29 - 2014-01-14 22:30 - 00000019 _____ C:\Users\Leinad\Desktop\Samurai neue Nahrungs-AP.txt
2014-01-13 20:36 - 2014-01-14 22:58 - 00000058 _____ C:\Users\Leinad\Desktop\neue Samurai RSD.txt
2014-01-13 20:36 - 2014-01-13 21:31 - 00000039 _____ C:\Users\Leinad\Desktop\Neues Textdokument (2).txt
2014-01-13 00:20 - 2014-01-20 00:50 - 00001797 _____ C:\Users\Leinad\Desktop\Einheitenbericht.txt
2014-01-12 21:16 - 2014-01-12 23:21 - 00000107 _____ C:\Users\Leinad\Desktop\TS Samurai.txt
2014-01-12 18:18 - 2014-01-12 18:18 - 00002660 _____ C:\Users\Leinad\Desktop\146d2ab98747657b0aa1e08e46ad3786.rsdf
2014-01-11 23:02 - 2014-01-12 09:23 - 00001206 _____ C:\Users\Leinad\Desktop\sam.txt
2014-01-11 21:35 - 2014-01-11 22:19 - 00000017 _____ C:\Users\Leinad\Desktop\nahrungs aps.txt
2014-01-11 06:00 - 2014-01-11 06:30 - 00000175 _____ C:\Users\Leinad\Desktop\Leindörfer.txt
2014-01-09 20:34 - 2014-01-09 20:34 - 00000007 _____ C:\Users\Leinad\Desktop\neue AP.txt
2014-01-09 03:17 - 2014-01-09 03:17 - 00000807 _____ C:\Users\Leinad\Desktop\Tipp für RSD.txt
2014-01-09 02:25 - 2014-01-17 22:59 - 00000627 _____ C:\Users\Leinad\Desktop\winter ziele.txt
2014-01-04 22:49 - 2014-01-04 22:49 - 00000013 _____ C:\Users\Leinad\Desktop\alli kontakt.txt
2013-12-30 23:20 - 2013-12-30 23:22 - 00000000 ____D C:\Users\Leinad\Desktop\Uni
2013-12-30 22:10 - 2014-01-20 07:21 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Skype
2013-12-30 22:10 - 2013-12-30 22:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-30 22:10 - 2013-12-30 22:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-30 22:10 - 2013-12-30 22:10 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 16:30 - 2014-01-09 00:55 - 00001370 _____ C:\Users\Leinad\Desktop\ziele.txt
2013-12-30 07:47 - 2013-12-30 07:47 - 00000000 ____D C:\Users\Leinad\AppData\Local\Macromedia
2013-12-29 18:21 - 2013-12-29 18:21 - 00001127 _____ C:\Users\Leinad\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-29 18:20 - 2013-12-29 18:20 - 00001421 _____ C:\Users\Leinad\Desktop\Internet Explorer.lnk
2013-12-29 18:18 - 2013-12-29 18:19 - 00000000 ____D C:\Users\Leinad\AppData\Local\Mozilla
2013-12-29 18:18 - 2013-12-29 18:18 - 00283096 _____ (Mozilla) C:\Users\Leinad\Downloads\Firefox Setup Stub 26.0.exe
2013-12-29 18:18 - 2013-12-29 18:18 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-29 08:17 - 2013-12-29 08:17 - 01233962 _____ C:\Users\Leinad\Downloads\AdwCleaner (1).exe
2013-12-29 08:16 - 2013-12-29 08:16 - 01034531 _____ (Thisisu) C:\Users\Leinad\Downloads\JRT.exe
2013-12-29 08:07 - 2013-12-29 08:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Leinad\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-29 08:02 - 2013-12-29 08:02 - 00001442 _____ C:\Users\Leinad\Desktop\RootAlyzer.lnk
2013-12-29 08:01 - 2013-12-29 08:02 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-29 08:01 - 2013-12-29 08:01 - 01339719 _____ C:\Users\Leinad\Downloads\rootalyz-0.3.4.47.zip
2013-12-29 08:01 - 2013-12-29 08:01 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-29 08:01 - 2013-12-29 08:01 - 00000000 ____D C:\Users\Leinad\Downloads\rootalyz-0.3.4.47
2013-12-29 08:01 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-12-29 07:57 - 2013-12-29 08:00 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Leinad\Downloads\spybot-2.2.exe
2013-12-29 04:43 - 2013-12-29 05:01 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-12-29 04:43 - 2013-12-29 04:53 - 00000000 ____D C:\Program Files (x86)\JD Backup
2013-12-29 04:40 - 2013-12-29 04:40 - 00002086 _____ C:\Users\Leinad\Desktop\JDownloader 2.lnk
2013-12-29 04:40 - 2013-12-29 04:40 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2013-12-29 04:37 - 2014-01-20 04:42 - 00000000 ____D C:\Users\Leinad\AppData\Local\JDownloader v2.0
2013-12-29 04:35 - 2013-12-29 08:12 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 04:34 - 2013-12-29 04:34 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Leinad\Downloads\WebInstaller.exe
2013-12-29 04:34 - 2013-12-29 04:34 - 00077976 _____ (AppWork GmbH) C:\Users\Leinad\Downloads\WebInstallerJD2.exe
2013-12-29 03:51 - 2013-12-29 03:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-29 03:51 - 2013-12-29 03:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-29 03:51 - 2013-12-29 03:50 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-29 03:51 - 2013-12-29 03:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-28 16:13 - 2013-12-29 07:48 - 00000123 _____ C:\Users\Leinad\Desktop\Goodgame Empire Zeug.txt
2013-12-24 06:14 - 2013-12-24 06:14 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (3).exe
2013-12-24 06:10 - 2013-12-24 06:10 - 00000000 ____D C:\2f1e1235fb3978355243e40a64e4da86
2013-12-24 06:09 - 2014-01-16 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-12-24 06:08 - 2013-12-24 06:08 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (2).exe
2013-12-23 20:58 - 2013-12-23 20:58 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (1).exe
==================== One Month Modified Files and Folders =======
2014-01-20 19:40 - 2014-01-20 19:39 - 00013809 _____ C:\Users\Leinad\Desktop\FRST.txt
2014-01-20 19:22 - 2014-01-15 22:58 - 00000390 _____ C:\Windows\Tasks\update-sys.job
2014-01-20 18:54 - 2012-12-28 23:36 - 01216072 _____ C:\Windows\WindowsUpdate.log
2014-01-20 18:49 - 2012-12-29 01:07 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001UA.job
2014-01-20 18:46 - 2012-12-29 02:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 18:45 - 2014-01-15 22:58 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001.job
2014-01-20 18:24 - 2013-07-12 18:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-20 17:30 - 2014-01-20 17:27 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2014-01-20 17:25 - 2011-04-12 08:43 - 05315636 _____ C:\Windows\system32\perfh007.dat
2014-01-20 17:25 - 2011-04-12 08:43 - 01637634 _____ C:\Windows\system32\perfc007.dat
2014-01-20 17:25 - 2009-07-14 06:13 - 00007064 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 17:19 - 2013-07-13 11:01 - 00021052 _____ C:\Windows\setupact.log
2014-01-20 17:19 - 2012-12-29 01:55 - 00959370 _____ C:\Windows\system32\oodbs.lor
2014-01-20 17:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 17:10 - 2012-12-28 23:37 - 00000000 ___RD C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-20 16:46 - 2014-01-20 16:46 - 00000000 ____D C:\FRST
2014-01-20 16:33 - 2014-01-20 19:39 - 02076672 _____ (Farbar) C:\Users\Leinad\Desktop\FRST64.exe
2014-01-20 15:45 - 2013-07-13 11:25 - 00286078 _____ C:\Windows\PFRO.log
2014-01-20 07:38 - 2012-12-29 01:09 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\vlc
2014-01-20 07:21 - 2013-12-30 22:10 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Skype
2014-01-20 04:42 - 2013-12-29 04:37 - 00000000 ____D C:\Users\Leinad\AppData\Local\JDownloader v2.0
2014-01-20 00:50 - 2014-01-13 00:20 - 00001797 _____ C:\Users\Leinad\Desktop\Einheitenbericht.txt
2014-01-19 21:49 - 2012-12-29 01:07 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-586411972-1826969491-2776955316-1001Core.job
2014-01-19 18:50 - 2013-06-19 10:12 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\TS3Client
2014-01-18 19:45 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 19:45 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 17:19 - 2014-01-15 01:58 - 00384013 _____ C:\Users\Leinad\Desktop\gge leinad und chef gold.mcr
2014-01-17 22:59 - 2014-01-09 02:25 - 00000627 _____ C:\Users\Leinad\Desktop\winter ziele.txt
2014-01-16 16:21 - 2009-07-14 05:45 - 02054608 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 03:04 - 2013-12-24 06:09 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-12-13 09:31 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 22:58 - 2014-01-15 22:58 - 02727456 _____ (Skillbrains ) C:\Users\Leinad\Downloads\setup-lightshot.exe
2014-01-15 22:58 - 2014-01-15 22:58 - 00003286 _____ C:\Windows\System32\Tasks\update-sys
2014-01-15 22:58 - 2014-01-15 22:58 - 00003266 _____ C:\Windows\System32\Tasks\update-S-1-5-21-586411972-1826969491-2776955316-1001
2014-01-15 22:58 - 2014-01-15 22:58 - 00000443 _____ C:\Users\Leinad\AppData\Local\UserProducts.xml
2014-01-15 22:58 - 2014-01-15 22:58 - 00000003 _____ C:\Users\Leinad\AppData\Local\updater.log
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Users\Leinad\AppData\Local\Skillbrains
2014-01-15 22:58 - 2014-01-15 22:58 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2014-01-15 00:43 - 2014-01-15 00:34 - 00000039 _____ C:\Users\Leinad\Desktop\AP Übernahme.txt
2014-01-14 22:58 - 2014-01-13 20:36 - 00000058 _____ C:\Users\Leinad\Desktop\neue Samurai RSD.txt
2014-01-14 22:30 - 2014-01-13 21:29 - 00000019 _____ C:\Users\Leinad\Desktop\Samurai neue Nahrungs-AP.txt
2014-01-14 18:43 - 2014-01-14 18:41 - 00029452 _____ C:\Users\Leinad\Desktop\gge gold chrome.mcr
2014-01-14 16:45 - 2014-01-14 13:54 - 00000000 ____D C:\Users\Leinad\Downloads\mouseandkeyrec
2014-01-14 16:43 - 2014-01-14 16:43 - 00029431 _____ C:\Users\Leinad\Desktop\gge gold.mcr
2014-01-14 14:32 - 2014-01-14 14:14 - 00000000 ____D C:\Program Files (x86)\MacroRecorder
2014-01-14 14:14 - 2014-01-14 14:14 - 00719360 _____ (Jitbit Software ) C:\Users\Leinad\Downloads\MacroRecorderSetup.exe
2014-01-14 14:14 - 2014-01-14 14:14 - 00001102 _____ C:\Users\Public\Desktop\Macro Recorder.lnk
2014-01-14 14:03 - 2014-01-14 13:56 - 00000000 ____D C:\Users\Leinad\Documents\Recorder
2014-01-14 13:56 - 2014-01-14 13:56 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Recorder
2014-01-14 13:54 - 2014-01-14 13:54 - 03274843 _____ C:\Users\Leinad\Downloads\mouseandkeyrec.zip
2014-01-14 13:52 - 2014-01-14 13:53 - 00047438 _____ C:\Users\Leinad\Documents\macex_bak000.~mex
2014-01-14 13:52 - 2014-01-14 13:48 - 00047438 _____ C:\Users\Leinad\Documents\macex.mex
2014-01-14 13:47 - 2014-01-14 13:47 - 00000000 ____D C:\ProgramData\Insight Software Solutions
2014-01-14 13:46 - 2014-01-14 13:46 - 23310272 _____ C:\Users\Leinad\Downloads\macex3.exe
2014-01-14 13:46 - 2014-01-14 13:42 - 00000000 ____D C:\Program Files (x86)\Ghost Control
2014-01-14 13:44 - 2014-01-14 13:44 - 00000916 _____ C:\Users\Leinad\Desktop\GGE.lnk
2014-01-14 13:44 - 2014-01-14 13:42 - 00000000 ____D C:\Users\Leinad\Documents\Ghost Control
2014-01-14 13:41 - 2014-01-14 13:41 - 03373928 _____ (N.R.S. ) C:\Users\Leinad\Documents\ghostcontrol3.exe
2014-01-13 21:31 - 2014-01-13 20:36 - 00000039 _____ C:\Users\Leinad\Desktop\Neues Textdokument (2).txt
2014-01-12 23:21 - 2014-01-12 21:16 - 00000107 _____ C:\Users\Leinad\Desktop\TS Samurai.txt
2014-01-12 18:18 - 2014-01-12 18:18 - 00002660 _____ C:\Users\Leinad\Desktop\146d2ab98747657b0aa1e08e46ad3786.rsdf
2014-01-12 09:23 - 2014-01-11 23:02 - 00001206 _____ C:\Users\Leinad\Desktop\sam.txt
2014-01-11 22:19 - 2014-01-11 21:35 - 00000017 _____ C:\Users\Leinad\Desktop\nahrungs aps.txt
2014-01-11 06:30 - 2014-01-11 06:00 - 00000175 _____ C:\Users\Leinad\Desktop\Leindörfer.txt
2014-01-09 20:34 - 2014-01-09 20:34 - 00000007 _____ C:\Users\Leinad\Desktop\neue AP.txt
2014-01-09 03:32 - 2013-10-29 21:19 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-09 03:17 - 2014-01-09 03:17 - 00000807 _____ C:\Users\Leinad\Desktop\Tipp für RSD.txt
2014-01-09 00:55 - 2013-12-30 16:30 - 00001370 _____ C:\Users\Leinad\Desktop\ziele.txt
2014-01-05 01:06 - 2013-01-03 13:06 - 00000000 ____D C:\Users\Leinad\AppData\Local\Adobe
2014-01-04 22:49 - 2014-01-04 22:49 - 00000013 _____ C:\Users\Leinad\Desktop\alli kontakt.txt
2013-12-30 23:30 - 2013-11-13 16:53 - 00000000 ____D C:\Program Files (x86)\Space Rangers HD A War Apart
2013-12-30 23:29 - 2013-08-12 22:26 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\3909
2013-12-30 23:29 - 2013-01-01 21:59 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-30 23:25 - 2013-03-15 02:19 - 00000000 ____D C:\Users\Leinad\Documents\SimCity 4
2013-12-30 23:22 - 2013-12-30 23:20 - 00000000 ____D C:\Users\Leinad\Desktop\Uni
2013-12-30 22:28 - 2013-06-19 10:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-12-30 22:10 - 2013-12-30 22:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-30 22:10 - 2013-12-30 22:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-30 22:10 - 2013-12-30 22:10 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 07:51 - 2012-12-29 02:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-30 07:47 - 2013-12-30 07:47 - 00000000 ____D C:\Users\Leinad\AppData\Local\Macromedia
2013-12-29 18:21 - 2013-12-29 18:21 - 00001127 _____ C:\Users\Leinad\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-29 18:20 - 2013-12-29 18:20 - 00001421 _____ C:\Users\Leinad\Desktop\Internet Explorer.lnk
2013-12-29 18:19 - 2013-12-29 18:18 - 00000000 ____D C:\Users\Leinad\AppData\Local\Mozilla
2013-12-29 18:18 - 2013-12-29 18:18 - 00283096 _____ (Mozilla) C:\Users\Leinad\Downloads\Firefox Setup Stub 26.0.exe
2013-12-29 18:18 - 2013-12-29 18:18 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-29 18:18 - 2013-07-11 02:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 18:18 - 2012-12-29 02:33 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Mozilla
2013-12-29 12:16 - 2012-12-29 00:43 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-12-29 08:17 - 2013-12-29 08:17 - 01233962 _____ C:\Users\Leinad\Downloads\AdwCleaner (1).exe
2013-12-29 08:17 - 2013-07-13 11:32 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-29 08:17 - 2013-07-13 11:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-29 08:16 - 2013-12-29 08:16 - 01034531 _____ (Thisisu) C:\Users\Leinad\Downloads\JRT.exe
2013-12-29 08:12 - 2013-12-29 04:35 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 08:11 - 2013-07-04 02:31 - 00001421 _____ C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 08:08 - 2013-12-29 08:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Leinad\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-29 08:02 - 2013-12-29 08:02 - 00001442 _____ C:\Users\Leinad\Desktop\RootAlyzer.lnk
2013-12-29 08:02 - 2013-12-29 08:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-29 08:01 - 2013-12-29 08:01 - 01339719 _____ C:\Users\Leinad\Downloads\rootalyz-0.3.4.47.zip
2013-12-29 08:01 - 2013-12-29 08:01 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-29 08:01 - 2013-12-29 08:01 - 00000000 ____D C:\Users\Leinad\Downloads\rootalyz-0.3.4.47
2013-12-29 08:00 - 2013-12-29 07:57 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Leinad\Downloads\spybot-2.2.exe
2013-12-29 07:48 - 2013-12-28 16:13 - 00000123 _____ C:\Users\Leinad\Desktop\Goodgame Empire Zeug.txt
2013-12-29 05:01 - 2013-12-29 04:43 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-12-29 04:53 - 2013-12-29 04:43 - 00000000 ____D C:\Program Files (x86)\JD Backup
2013-12-29 04:40 - 2013-12-29 04:40 - 00002086 _____ C:\Users\Leinad\Desktop\JDownloader 2.lnk
2013-12-29 04:40 - 2013-12-29 04:40 - 00000000 ____D C:\Users\Leinad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2013-12-29 04:34 - 2013-12-29 04:34 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Leinad\Downloads\WebInstaller.exe
2013-12-29 04:34 - 2013-12-29 04:34 - 00077976 _____ (AppWork GmbH) C:\Users\Leinad\Downloads\WebInstallerJD2.exe
2013-12-29 03:51 - 2013-10-29 21:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-29 03:50 - 2013-12-29 03:51 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-29 03:50 - 2013-12-29 03:51 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-29 03:50 - 2013-12-29 03:51 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-29 03:50 - 2013-12-29 03:51 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-29 03:48 - 2013-04-17 23:07 - 00000000 ____D C:\Games
2013-12-28 18:05 - 2012-12-29 00:42 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-24 06:14 - 2013-12-24 06:14 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (3).exe
2013-12-24 06:10 - 2013-12-24 06:10 - 00000000 ____D C:\2f1e1235fb3978355243e40a64e4da86
2013-12-24 06:08 - 2013-12-24 06:08 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (2).exe
2013-12-23 20:58 - 2013-12-23 20:58 - 00915368 _____ (Oracle Corporation) C:\Users\Leinad\Downloads\chromeinstall-7u45 (1).exe
2013-12-23 10:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 19:08
==================== End Of Log ============================ |