Klar, war gerade dabei sie zu erstellen, Haken bei Addition hatte ich nicht gefunden.
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by Zuhause (administrator) on JOSEF on 07-03-2014 00:13:15
Running from C:\Users\Zuhause\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxUtilSvc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2898832 2012-10-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [5752480 2012-07-11] (Dell Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-07-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [76912 2012-07-14] (cyberlink)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2678785204-953685295-3651896319-1001\...\Run: [CAHeadless] - C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [835224 2011-09-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-2678785204-953685295-3651896319-1001\...\Run: [GoogleChromeAutoLaunch_ED3BB8BE190C073BCD8586521950B956] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\Zuhause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {E74EB43D-3CE9-4310-879A-D304ADC15C10} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {E74EB43D-3CE9-4310-879A-D304ADC15C10} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - {E74EB43D-3CE9-4310-879A-D304ADC15C10} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: awesomehp
CHR DefaultSearchProvider: awesomehp
CHR DefaultSearchURL: hxxp://www.awesomehp.com/web/?type=ds&ts=1393328635&from=tugs&uid=WDCXWD10JPVT-75A1YT0_WXA1E42SXY16E42SXY16&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Extension: (Google Drive) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-04]
CHR Extension: (YouTube) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-04]
CHR Extension: (Google-Suche) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-04]
CHR Extension: (Plus-HD-8.9) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdhfjlpbianbchmhaiaekeceonnchalc [2014-02-28]
CHR Extension: (SavingsBull) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-04]
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2013-01-04]
CHR HKLM-x32\...\Chrome\Extension: [aaokmnpaoippoclepikifeegeknpopea] - C:\Program Files (x86)\ResultsAlpha\aaokmnpaoippoclepikifeegeknpopea.crx [2013-01-04]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Zuhause\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-25]
==================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [236144 2012-07-14] (CyberLink)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2012-07-04] (Conexant Systems, Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-08-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S3 akshhl; C:\Windows\system32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
S3 aksusb; C:\Windows\system32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-08-01] (Intel Corporation)
S3 iscFlash; C:\Users\Zuhause\AppData\Local\Temp\7zSB4D9.tmp\iscflashx64.sys [58464 2012-07-12] (Insyde Software)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-03-05] (Malwarebytes Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46232 2013-12-17] (NetFilterSDK.com)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-07 00:07 - 2014-03-07 00:13 - 00018591 _____ () C:\Users\Zuhause\Desktop\FRST.txt
2014-03-07 00:01 - 2014-03-07 00:00 - 02156544 _____ (Farbar) C:\Users\Zuhause\Desktop\FRST64.exe
2014-03-07 00:00 - 2014-03-07 00:00 - 02156544 _____ (Farbar) C:\Users\Zuhause\Downloads\FRST64.exe
2014-03-06 23:40 - 2014-03-06 23:40 - 00001216 _____ () C:\Users\Zuhause\Desktop\JRT.txt
2014-03-06 23:35 - 2014-03-06 23:35 - 01037734 _____ (Thisisu) C:\Users\Zuhause\Downloads\JRT.exe
2014-03-06 23:35 - 2014-03-06 23:35 - 01037734 _____ (Thisisu) C:\Users\Zuhause\Desktop\JRT.exe
2014-03-06 23:35 - 2014-03-06 23:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-06 18:12 - 2014-03-06 18:13 - 00019295 _____ () C:\Users\Zuhause\Desktop\AdwCleaner[S0].txt
2014-03-06 18:10 - 2014-03-06 18:24 - 00000000 ____D () C:\AdwCleaner
2014-03-06 18:09 - 2014-03-06 18:08 - 01244192 _____ () C:\Users\Zuhause\Desktop\adwcleaner.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 01244192 _____ () C:\Users\Zuhause\Downloads\adwcleaner.exe
2014-03-05 21:55 - 2014-03-05 21:55 - 00000000 ____D () C:\Users\Zuhause\AppData\Roaming\WinRAR
2014-03-05 21:54 - 2014-03-05 21:54 - 00000981 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-03-05 21:54 - 2014-03-05 21:54 - 00000000 ____D () C:\Users\Zuhause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-05 21:53 - 2014-03-05 21:54 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-05 21:53 - 2014-03-05 21:53 - 02087616 _____ () C:\Users\Zuhause\Downloads\winrar-x64-501d.exe
2014-03-05 21:37 - 2014-03-05 21:37 - 00401744 _____ (Softonic ) C:\Users\Zuhause\Downloads\SoftonicDownloader_fuer_winzip.exe
2014-03-05 21:23 - 2014-03-05 21:23 - 01945892 _____ () C:\Users\Zuhause\Downloads\pl532en.rar
2014-03-05 19:55 - 2014-03-05 19:55 - 00001458 _____ () C:\Users\Zuhause\Desktop\mbar - Verknüpfung.lnk
2014-03-05 18:45 - 2014-03-05 19:24 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-05 18:45 - 2014-03-05 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 18:12 - 2014-03-05 19:56 - 00000000 ____D () C:\Users\Zuhause\Desktop\mbar
2014-03-05 18:12 - 2014-03-05 18:12 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 18:07 - 2014-03-05 18:06 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zuhause\Desktop\mbar-1.07.0.1009.exe
2014-03-05 18:06 - 2014-03-05 18:06 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zuhause\Downloads\mbar-1.07.0.1009.exe
2014-03-04 01:02 - 2014-03-04 01:02 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-02 14:46 - 2014-03-02 14:46 - 00003091 _____ () C:\Users\Zuhause\Desktop\Gmer.txt
2014-03-02 13:53 - 2014-03-02 13:52 - 00380416 _____ () C:\Users\Zuhause\Desktop\Gmer-19357.exe
2014-03-02 13:52 - 2014-03-02 13:52 - 00380416 _____ () C:\Users\Zuhause\Downloads\Gmer-19357.exe
2014-03-02 13:48 - 2014-03-07 00:13 - 00000000 ____D () C:\FRST
2014-03-02 13:41 - 2014-03-02 13:41 - 00000476 _____ () C:\Users\Zuhause\Desktop\defogger_disable.log
2014-03-02 13:41 - 2014-03-02 13:41 - 00000000 _____ () C:\Users\Zuhause\defogger_reenable
2014-03-01 12:01 - 2014-03-01 12:01 - 00050477 _____ () C:\Users\Zuhause\Desktop\Defogger.exe
2014-02-28 21:35 - 2014-03-04 16:58 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-28 15:04 - 2014-02-28 15:04 - 00000000 ____D () C:\Users\Zuhause\AppData\Local\Tuguu_SL
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 ____D () C:\Users\Zuhause\AppData\Local\cache
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 ____D () C:\Users\Zuhause\.android
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 _____ () C:\Users\Zuhause\daemonprocess.txt
2014-02-28 14:14 - 2014-03-07 00:13 - 56886643 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-25 10:49 - 2014-02-25 10:49 - 00761664 _____ () C:\Windows\Minidump\022514-23265-01.dmp
2014-02-15 10:41 - 2014-02-15 10:41 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files\iTunes
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files\iPod
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-14 16:25 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 16:25 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 07:08 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 07:08 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 07:08 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 07:08 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-14 07:08 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 07:08 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 07:08 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 07:08 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 07:08 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 07:08 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 07:08 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 07:08 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 07:08 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-14 07:08 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 07:08 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 07:08 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 07:08 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 07:08 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-14 07:08 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-14 07:08 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-14 07:07 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 07:07 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 07:07 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 07:07 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-08 12:21 - 2014-02-08 12:21 - 00921224 _____ () C:\Windows\Minidump\020814-32140-01.dmp
==================== One Month Modified Files and Folders =======
2014-03-07 00:13 - 2014-03-07 00:07 - 00018591 _____ () C:\Users\Zuhause\Desktop\FRST.txt
2014-03-07 00:13 - 2014-03-02 13:48 - 00000000 ____D () C:\FRST
2014-03-07 00:13 - 2014-02-28 14:14 - 56886643 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-03-07 00:05 - 2012-12-14 14:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-03-07 00:00 - 2014-03-07 00:01 - 02156544 _____ (Farbar) C:\Users\Zuhause\Desktop\FRST64.exe
2014-03-07 00:00 - 2014-03-07 00:00 - 02156544 _____ (Farbar) C:\Users\Zuhause\Downloads\FRST64.exe
2014-03-07 00:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-06 23:58 - 2013-01-04 18:04 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 23:58 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 23:47 - 2013-01-04 18:04 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 23:40 - 2014-03-06 23:40 - 00001216 _____ () C:\Users\Zuhause\Desktop\JRT.txt
2014-03-06 23:35 - 2014-03-06 23:35 - 01037734 _____ (Thisisu) C:\Users\Zuhause\Downloads\JRT.exe
2014-03-06 23:35 - 2014-03-06 23:35 - 01037734 _____ (Thisisu) C:\Users\Zuhause\Desktop\JRT.exe
2014-03-06 23:35 - 2014-03-06 23:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-06 19:10 - 2013-01-04 17:07 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2678785204-953685295-3651896319-1001
2014-03-06 18:24 - 2014-03-06 18:10 - 00000000 ____D () C:\AdwCleaner
2014-03-06 18:14 - 2013-01-04 17:00 - 01876523 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 18:13 - 2014-03-06 18:12 - 00019295 _____ () C:\Users\Zuhause\Desktop\AdwCleaner[S0].txt
2014-03-06 18:08 - 2014-03-06 18:09 - 01244192 _____ () C:\Users\Zuhause\Desktop\adwcleaner.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 01244192 _____ () C:\Users\Zuhause\Downloads\adwcleaner.exe
2014-03-06 18:04 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-05 22:41 - 2012-07-26 11:27 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 22:41 - 2012-07-26 11:27 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 22:41 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-05 21:57 - 2013-01-04 20:33 - 00000000 ____D () C:\Users\Zuhause\Eigene Datei
2014-03-05 21:55 - 2014-03-05 21:55 - 00000000 ____D () C:\Users\Zuhause\AppData\Roaming\WinRAR
2014-03-05 21:54 - 2014-03-05 21:54 - 00000981 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-03-05 21:54 - 2014-03-05 21:54 - 00000000 ____D () C:\Users\Zuhause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-05 21:54 - 2014-03-05 21:53 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-05 21:53 - 2014-03-05 21:53 - 02087616 _____ () C:\Users\Zuhause\Downloads\winrar-x64-501d.exe
2014-03-05 21:37 - 2014-03-05 21:37 - 00401744 _____ (Softonic ) C:\Users\Zuhause\Downloads\SoftonicDownloader_fuer_winzip.exe
2014-03-05 21:23 - 2014-03-05 21:23 - 01945892 _____ () C:\Users\Zuhause\Downloads\pl532en.rar
2014-03-05 19:56 - 2014-03-05 18:12 - 00000000 ____D () C:\Users\Zuhause\Desktop\mbar
2014-03-05 19:55 - 2014-03-05 19:55 - 00001458 _____ () C:\Users\Zuhause\Desktop\mbar - Verknüpfung.lnk
2014-03-05 19:24 - 2014-03-05 18:45 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-05 19:17 - 2012-12-14 07:34 - 00088918 _____ () C:\Windows\PFRO.log
2014-03-05 19:17 - 2012-07-26 09:18 - 00000000 ____D () C:\Windows\DigitalLocker
2014-03-05 19:17 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-05 18:45 - 2014-03-05 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 18:39 - 2012-12-14 14:53 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-05 18:22 - 2013-01-04 17:00 - 00000000 ____D () C:\Users\Zuhause
2014-03-05 18:12 - 2014-03-05 18:12 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 18:06 - 2014-03-05 18:07 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zuhause\Desktop\mbar-1.07.0.1009.exe
2014-03-05 18:06 - 2014-03-05 18:06 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zuhause\Downloads\mbar-1.07.0.1009.exe
2014-03-04 16:58 - 2014-02-28 21:35 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-03-04 01:02 - 2014-03-04 01:02 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-03 08:43 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-02 14:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-02 14:46 - 2014-03-02 14:46 - 00003091 _____ () C:\Users\Zuhause\Desktop\Gmer.txt
2014-03-02 13:52 - 2014-03-02 13:53 - 00380416 _____ () C:\Users\Zuhause\Desktop\Gmer-19357.exe
2014-03-02 13:52 - 2014-03-02 13:52 - 00380416 _____ () C:\Users\Zuhause\Downloads\Gmer-19357.exe
2014-03-02 13:41 - 2014-03-02 13:41 - 00000476 _____ () C:\Users\Zuhause\Desktop\defogger_disable.log
2014-03-02 13:41 - 2014-03-02 13:41 - 00000000 _____ () C:\Users\Zuhause\defogger_reenable
2014-03-01 12:01 - 2014-03-01 12:01 - 00050477 _____ () C:\Users\Zuhause\Desktop\Defogger.exe
2014-02-28 15:15 - 2013-01-04 17:01 - 00001440 _____ () C:\Users\Zuhause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-28 15:13 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-02-28 15:04 - 2014-02-28 15:04 - 00000000 ____D () C:\Users\Zuhause\AppData\Local\Tuguu_SL
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 ____D () C:\Users\Zuhause\AppData\Local\cache
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 ____D () C:\Users\Zuhause\.android
2014-02-28 15:03 - 2014-02-28 15:03 - 00000000 _____ () C:\Users\Zuhause\daemonprocess.txt
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-28 14:14 - 2014-02-28 14:14 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-25 11:07 - 2013-05-25 15:18 - 00000000 ____D () C:\Program Files\My Dell
2014-02-25 11:07 - 2012-12-14 14:48 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-25 10:49 - 2014-02-25 10:49 - 00761664 _____ () C:\Windows\Minidump\022514-23265-01.dmp
2014-02-25 10:49 - 2013-01-10 12:35 - 748420816 _____ () C:\Windows\MEMORY.DMP
2014-02-25 10:49 - 2013-01-10 12:35 - 00000000 ____D () C:\Windows\Minidump
2014-02-23 12:48 - 2013-01-31 21:41 - 00000000 ____D () C:\Users\Zuhause\AppData\Roaming\Homag Group
2014-02-21 07:06 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-02-18 19:20 - 2013-01-09 18:06 - 00000287 _____ () C:\Users\Zuhause\AppData\Local\VersionChecker_14.xml
2014-02-17 23:03 - 2013-11-17 18:58 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-17 18:58 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 19:42 - 2013-01-04 18:04 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 19:42 - 2013-01-04 18:04 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 08:07 - 2013-07-24 18:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 08:03 - 2013-01-07 18:01 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 11:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-15 10:41 - 2014-02-15 10:41 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files\iTunes
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files\iPod
2014-02-15 10:41 - 2014-02-15 10:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-15 10:41 - 2013-08-24 06:09 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-15 10:38 - 2013-01-09 18:05 - 00000000 ____D () C:\ProgramData\Apple
2014-02-15 10:13 - 2013-01-04 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 19:54 - 2012-07-26 08:21 - 00027954 _____ () C:\Windows\setupact.log
2014-02-08 12:21 - 2014-02-08 12:21 - 00921224 _____ () C:\Windows\Minidump\020814-32140-01.dmp
Some content of TEMP:
====================
C:\Users\Zuhause\AppData\Local\Temp\APNSetup.exe
C:\Users\Zuhause\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Zuhause\AppData\Local\Temp\nsd83FB.exe
C:\Users\Zuhause\AppData\Local\Temp\nsi4F85.exe
C:\Users\Zuhause\AppData\Local\Temp\nsl568D.exe
C:\Users\Zuhause\AppData\Local\Temp\nsm68FD.exe
C:\Users\Zuhause\AppData\Local\Temp\nsp9403.exe
C:\Users\Zuhause\AppData\Local\Temp\nsuD392.exe
C:\Users\Zuhause\AppData\Local\Temp\nsv88F4.exe
C:\Users\Zuhause\AppData\Local\Temp\nsvCA86.exe
C:\Users\Zuhause\AppData\Local\Temp\Quarantine.exe
C:\Users\Zuhause\AppData\Local\Temp\SPSetup.exe
C:\Users\Zuhause\AppData\Local\Temp\SPStub.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 14:32
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by Zuhause at 2014-03-07 00:13:36
Running from C:\Users\Zuhause\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.5.100.20719 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{0CD183F1-E511-0777-1C35-DC29235885C5}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-006A-76A7-A758B70C0A03}) (Version: 12.10.3.30 - APN, LLC) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcast (HKLM-x32\...\{A1A84C94-17E9-4B78-A113-1EA833675560}) (Version: 3.2.23.0 - Homag Group)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0719.2149.37214 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0719.2148.37214 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0719.2149.37214 - Advanced Micro Devices, Inc.) Hidden
CNC-Simulator v5.0.015f (HKLM-x32\...\CNCSim5_is1) (Version: 5.0.15.6 - WEEKE Bohrsysteme GmbH)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.40.0 - Conexant)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.2.5 - ELAN Microelectronic Corp.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LicenseServer (HKLM-x32\...\{F9EF2956-6648-48B8-8EE8-8102075E9EF2}) (Version: 2.2.3.0 - Homag Group)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NCWEEKE, M01, WEEKE BHX050_1 (HKLM-x32\...\{9C9EA7F2-3AE0-4990-82C1-B33999603C94}) (Version: 5.0.284.3 - Weeke Bohrsysteme GmbH)
OfficetoMachine (HKLM-x32\...\{1A5C06C1-67DF-4B76-B36E-B035F779FAF8}) (Version: 2.18.0.0 - Weeke)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.005 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RadioTotal Toolbar for IE (HKLM-x32\...\IECT3317483) (Version: 6.17.2.8 - RadioTotal)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
ResultsAlpha (HKLM\...\ResultsAlpha) (Version: 2013.11.20.232030 - ResultsAlpha)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SIM_Models3d, M01, WEEKE BHX050_1 (HKLM-x32\...\{6522D628-A3F0-4B27-BD23-75A317604E4C}) (Version: 1.0.29.0 - Weeke Bohrsysteme GmbH)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
TubeBox (HKLM-x32\...\{f4bae24f-62cf-49b2-9648-a3a3065611ca}) (Version: 4.4.0.0 - Freetec)
TubeBox (x32 Version: 4.4.0.0 - Freetec) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
Vectorworks interiorcad 2009 SP1 R1 F0 (HKLM-x32\...\Vectorworks interiorcad 2009 SP1 R1 F0) (Version: - )
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
woodAssembler v1.9.006d (HKLM-x32\...\WoodAsm1_is1) (Version: 1.9.6.4 - WEEKE Bohrsysteme GmbH)
woodVisio v1.0.017d (HKLM-x32\...\woodVis0_is1) (Version: 1.0.17.4 - WEEKE Bohrsysteme GmbH)
woodWOP DXF-Import (HKLM-x32\...\Bpp) (Version: - )
woodWOP6 (HKLM-x32\...\{BAD9F13D-48FF-4D10-B4D0-B1A8818873D0}) (Version: 6.1.44.0 - Homag Group)
WZ_DBE, M01, WEEKE BHX050_1 (HKLM-x32\...\{E78FC16E-6A73-41D5-8187-F5F37B89982A}) (Version: 2.12.50.0 - Homag Group AG)
==================== Restore Points =========================
16-02-2014 07:01:52 Windows Update
21-02-2014 10:36:05 Windows Modules Installer
25-02-2014 11:44:07 Uniblue SpeedUpMyPC installation
28-02-2014 14:18:51 Removed SavingsBull
05-03-2014 18:16:06 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {092D8CD4-9D72-400A-96F6-0B6753641ADE} - \Plus-HD-8.9-codedownloader No Task File
Task: {0FA0B480-05F3-482B-B147-6B5F16F685C9} - \Plus-HD-8.9-chromeinstaller No Task File
Task: {141D4292-5025-4E7A-8FB6-12BDFBC438B5} - System32\Tasks\AdobeAAMUpdater-1.0-Josef-Zuhause => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {246D3489-DD86-494B-8CDE-D85EECF48827} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {2E7AB9C7-40EE-462B-8C03-AFF720C7C39D} - \Plus-HD-8.9-enabler No Task File
Task: {4D6451C6-09C5-4539-A2C8-221B7B9351FD} - \HQ-Video-Profession-1.3-enabler No Task File
Task: {55458E0E-7441-4CD1-BDDB-4399D32F5ACC} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {6F464381-C81A-4451-95AE-3E52D8635133} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-08-01] (Intel)
Task: {74468EB7-E0AC-4F54-A26B-2E0CAE6AC30F} - \HQ-Video-Profession-1.3-firefoxinstaller No Task File
Task: {8D3AE4EE-5957-4972-AEE7-1D92984DB982} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {8F156983-C111-4682-AC63-512300753D26} - \Plus-HD-8.9-updater No Task File
Task: {9421408D-E240-4FD7-90BC-42A1FF9C94F8} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A7E83C00-81FD-415A-A385-307A238BA3E4} - \HQ-Video-Profession-1.3-codedownloader No Task File
Task: {B566C880-DD97-4F7A-BFC5-E4DCC2FFEF6F} - \Plus-HD-8.9-firefoxinstaller No Task File
Task: {BB58348B-2162-46AA-B6B2-DD0C19C9EF4E} - \HQ-Video-Profession-1.3-chromeinstaller No Task File
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C94F142D-81ED-44DE-BE74-A88052492393} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {E63DE6B6-DA04-4D72-87F3-01EED700B31F} - \HQ-Video-Profession-1.3-updater No Task File
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F389A83B-5A32-45F4-B421-1E98AB931A71} - \BackgroundContainer Startup Task No Task File
Task: {F62C72F0-867F-4852-92D8-A23175C94C65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-14 14:51 - 2012-04-25 03:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-12 14:16 - 2014-02-12 14:16 - 00210432 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2014-02-02 11:26 - 2014-02-02 11:26 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-19 00:42 - 2013-11-19 00:42 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2012-12-14 16:22 - 2012-07-25 21:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-14 14:44 - 2012-04-05 21:55 - 00164992 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2012-07-20 04:47 - 2012-07-20 04:47 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-14 18:07 - 2013-11-22 00:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2012-12-14 14:50 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 18:34 - 2012-06-08 18:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-03-04 08:49 - 2014-03-02 03:35 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
2014-02-16 08:10 - 2014-02-16 08:10 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2012-12-14 14:45 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 22:32 - 2013-11-21 22:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2014 11:44:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 2.5.0.244, Zeitstempel: 0x50220e70
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x15fc
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5
System errors:
=============
Error: (03/06/2014 11:58:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243
Error: (03/06/2014 11:44:26 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/06/2014 11:43:56 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (03/06/2014 11:44:33 PM) (Source: Application Error)(User: )
Description: devmonsrv.exe2.5.0.24450220e70unknown0.0.0.000000000c00000050000000015fc01cf398bc7e07f22C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeunknowne249b10f-a580-11e3-becd-6036dd2b7eb4
CodeIntegrity Errors:
===================================
Date: 2013-04-16 21:56:32.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\MCWrp64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 8061.27 MB
Available physical RAM: 5610.66 MB
Total Pagefile: 16253.27 MB
Available Pagefile: 13478.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.41 GB) (Free:827.93 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:11.95 GB) (Free:0.28 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 8CB49295)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 7C781414)
Partition: GPT Partition Type.
==================== End Of Log ============================ |