Hello Schrauber,
it seems nothing is OK with my PC any more. I bought the ESET NOD32 Antivirus software and scanned everything thoroughly several times! It doesn't look good.
I probably won't get around formatting the hard drive and reinstalling Windows 8. But ESET has already shown me that the MBR is damaged!
Since my hard drive is split into 2 partitions, and partition 2 holds the Windows backup, which is also already infected, I can't do a fresh install any more, which I have already tried.
The old installation was restored. Now I don't know what to do any more.
A lot seems to be wrong here, and it is NOT to be underestimated!!!
What options are left to securely delete both partitions, and how, without anything of the infected junk being left behind?
Kind regards, cafee. I am already grateful for any help.
Hello Schrauber, here is the FRST.txt from the scan:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Jörg (administrator) on JÖRGI on 23-04-2014 11:28:35
Running from D:\Büro\Sicherheit
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-12-23] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\MountPoints2: {a5919ca4-84df-11e2-be70-806e6f6e6963} - "E:\setup.exe"
IFEO\chrome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default
FF NewTab: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.eset.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\findr.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: German Dictionary, extended for Austria - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\de-AT@dictionaries.addons.mozilla.org [2013-03-05]
FF Extension: LavaFox V2-Blue - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\djziggy@gmail.com [2014-01-29]
FF Extension: Freeven Pro 1.3 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com [2014-04-12]
FF Extension: British English Dictionary (Updated) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-gb@flyingtophat.co.uk [2014-01-31]
FF Extension: United States English Spellchecker - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario Español Argentina - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-AR@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario de Español/México - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-MX@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario en Español para Venezuela - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-ve@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: LavaFox V2 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\info@djzig.com [2014-01-29]
FF Extension: Dizionario italiano - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\it-IT@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Brazilian Portuguese (Current Spelling) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-BR@dictionaries.addons.mozilla.org [2014-02-08]
FF Extension: Corretor para Português de Portugal - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-PT@dictionaries.addons.mozilla.org [2014-04-05]
FF Extension: LavaFox V2-Purple - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom555@aol.com [2014-01-29]
FF Extension: LavaFox V2-Green - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom@ymail.com [2014-01-29]
FF Extension: Ghostery - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\firefox@ghostery.com.xpi [2013-11-27]
FF Extension: YouTube HTML5 Switch - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack.xpi [2013-03-13]
FF Extension: YouTube HD - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2013-10-18]
FF Extension: Traditional Chinese (zh-TW) Language Pack - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2013-03-05]
FF Extension: Stylish - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-06-08]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-10-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-10-20]
FF Extension: Adblock Plus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-23]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]
Chrome:
=======
CHR HomePage: hxxp://go.findrsearch.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Freeven Pro 1.3) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Mac OSX Font Rendering) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbokdhnlldmknaijpgikegjffnlpaamk [2013-03-02]
CHR Extension: (AdBlock) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-02]
CHR Extension: (Lone Tree) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2013-03-04]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-03-02]
CHR Extension: (MediaPlayerplus) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-12]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-03-16]
CHR Extension: (Gmail) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-03]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Jörg\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-08] (Ellora Assets Corp.)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\JRG~1\AppData\Local\Temp\7zS1478\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
R3 camfilt2; C:\Windows\system32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-23 11:08 - 2014-04-23 11:08 - 00525886 _____ () C:\Users\Jörg\Desktop\bookmarks-2014-04-23.json
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:21 - 2014-04-23 06:37 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 17:54 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-19 17:54 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-19 17:54 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 17:54 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-19 17:54 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-19 17:54 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-19 17:54 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-19 17:54 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-19 17:54 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-19 17:54 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-19 17:54 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-19 17:54 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-19 17:54 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-19 17:52 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-19 17:52 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-19 17:52 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-19 17:52 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-19 17:52 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-19 17:52 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-19 17:52 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-19 17:52 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-19 17:52 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 17:52 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-19 17:52 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 17:52 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 17:51 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-19 17:51 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-19 17:51 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-19 17:51 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 07:57 - 2014-04-19 07:58 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:56 - 2014-04-23 11:28 - 00000000 ____D () C:\FRST
2014-04-19 07:56 - 2014-04-19 07:58 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-15 22:48 - 2014-04-15 23:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:36 - 2014-04-19 14:27 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-12 16:54 - 2014-04-19 13:56 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-12 16:50 - 2014-04-13 01:47 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop
==================== One Month Modified Files and Folders =======
2014-04-23 11:28 - 2014-04-19 07:56 - 00000000 ____D () C:\FRST
2014-04-23 11:24 - 2014-01-02 14:59 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-04-23 11:16 - 2013-03-02 14:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 11:08 - 2014-04-23 11:08 - 00525886 _____ () C:\Users\Jörg\Desktop\bookmarks-2014-04-23.json
2014-04-23 10:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-23 08:26 - 2013-03-02 12:28 - 01418546 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 08:24 - 2012-07-26 12:27 - 00752930 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 08:24 - 2012-07-26 12:27 - 00156156 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 08:24 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 07:51 - 2013-03-02 15:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-23 07:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 07:38 - 2012-07-26 07:26 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:37 - 2014-04-23 06:21 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 20:10 - 2013-03-05 10:34 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\OpenCandy
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 18:13 - 2013-03-28 11:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-21 17:53 - 2013-10-27 13:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedTestAnalysis
2014-04-21 11:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-21 08:16 - 2013-03-02 14:00 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-21 08:03 - 2013-06-26 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-19 17:57 - 2013-09-10 09:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-19 17:55 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 17:15 - 2013-03-02 12:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2502406073-1232304317-553576181-1001
2014-04-19 15:08 - 2013-03-02 14:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-19 15:07 - 2014-02-14 15:02 - 00000000 ____D () C:\Program Files (x86)\Two Worlds Pinball
2014-04-19 15:01 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg
2014-04-19 14:27 - 2014-04-15 22:36 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-19 14:22 - 2013-03-02 14:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-19 13:59 - 2013-03-07 11:47 - 00000000 ____D () C:\Users\I-Net
2014-04-19 13:58 - 2013-12-15 05:11 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-19 13:58 - 2013-10-27 13:00 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2013 Free
2014-04-19 13:58 - 2013-07-24 16:26 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\IrfanView
2014-04-19 13:58 - 2013-05-12 16:11 - 00000000 ____D () C:\ProgramData\TechSmith
2014-04-19 13:58 - 2013-04-27 13:56 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayLogic
2014-04-19 13:58 - 2013-04-01 10:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-19 13:58 - 2013-03-15 21:16 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\dvdcss
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 13:58 - 2013-03-05 01:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-19 13:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-19 13:58 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-04-19 13:58 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-04-19 13:56 - 2014-04-12 16:54 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-19 13:56 - 2013-05-12 16:11 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-04-19 13:56 - 2013-03-02 14:05 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-04-19 13:56 - 2013-03-02 14:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 13:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-19 13:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2014-04-19 13:50 - 2013-05-06 18:53 - 00000000 ____D () C:\ProgramData\Real
2014-04-19 13:49 - 2013-07-09 18:49 - 00000000 ____D () C:\Program Files\Java
2014-04-19 08:24 - 2013-03-05 20:01 - 00019697 _____ () C:\ProgramData\hpzinstall.log
2014-04-19 07:58 - 2014-04-19 07:57 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:58 - 2014-04-19 07:56 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-18 02:26 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-15 23:08 - 2014-04-15 22:48 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-13 01:47 - 2014-04-12 16:50 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop
2014-04-06 17:35 - 2013-05-30 16:15 - 00000000 ____D () C:\Users\Jörg\AppData\Local\CrashDumps
2014-04-03 11:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-31 23:18 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2013-03-02 12:45 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-28 10:30 - 2013-08-16 18:43 - 00000000 ____D () C:\Users\Jörg\Downloads\Bilder
Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\InstHelper.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-17 12:45
==================== End Of Log ============================

Addition.txt
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by Jörg at 2014-04-19 07:57:21
Running from C:\Users\Jörg\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
K-Lite Codec Pack 9.7.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.7.5 - )
Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PeaZip 4.8.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Restore Points =========================
13-04-2014 17:00:19 Windows-Sicherung
14-04-2014 15:46:39 Windows-Sicherung
15-04-2014 19:14:01 Removed Java 8 (64-bit)
==================== Hosts content: ==========================
2012-07-26 07:26 - 2014-04-06 19:33 - 00450639 ____R C:\Windows\system32\Drivers\etc\hosts
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {05CFA7CA-BF05-41AB-856F-44893CE0BA51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {09EC757E-839C-44BC-AA2C-D886E9D8884E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-12-23] (RealNetworks, Inc.)
Task: {160ABBDF-40C9-46FD-8618-84BDB8C0C0EA} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {166C6F55-3CC8-4182-ACC5-E8A37B829A1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C0457F1-486E-4F5B-819F-8EC2D500BF34} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1F2602B0-D1C7-4967-858E-1846F7527E09} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {23C79B54-CCA0-4912-9391-BBAD10DB095A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {70D27CF5-CD25-4EB0-9FCA-64227D8996CB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {74096BB9-CE73-41BD-B2E0-2DFC9446D806} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C906787-F4A2-4645-950A-7561888C806D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {8367C11D-BAAB-40B6-A64C-B3F392EC5F9B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {8E7E0702-2851-4DC2-9484-321D3204C6A5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9541B63D-C604-475C-8255-746756404574} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {980D554F-9C0E-4CCC-960F-6CB2BBA9737C} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {A35DB7B2-E473-40DB-A0DF-66554079B6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B48256EB-4050-49BF-B398-0C67868E274E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6FEEA11-2D8D-48A0-897A-A7C02BEAAC63} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E872139C-651C-4CA8-931F-D780A5ED0D96} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {EAD45328-BB32-46DA-ACA5-D94691A229DE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F436C26F-358F-46DA-8933-A5B608DA948D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-05] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) =============
2013-03-02 15:00 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-04 21:06 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-28 10:37 - 2014-01-28 10:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-03-02 13:57 - 2013-03-02 13:57 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-04-19 07:31 - 2014-04-19 07:31 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041802\algo.dll
2013-03-05 01:56 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-03-05 01:56 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-03-05 01:56 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-12-07 10:55 - 2013-12-07 10:55 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-18 00:19 - 2014-02-18 00:19 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/19/2014 07:54:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/19/2014 07:54:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/19/2014 06:45:22 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/19/2014 06:45:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/18/2014 09:10:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/18/2014 09:10:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/17/2014 01:06:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Error: (04/17/2014 01:06:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (04/17/2014 00:51:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/17/2014 00:51:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (04/19/2014 07:56:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (04/19/2014 07:56:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (04/19/2014 07:56:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (04/19/2014 07:54:37 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/19/2014 07:54:33 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe
Error: (04/19/2014 06:45:22 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/19/2014 06:45:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe
Error: (04/18/2014 09:10:17 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/18/2014 09:10:13 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe
Error: (04/17/2014 01:06:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Users\Jörg\Downloads\SoftonicDownloader_for_earthquake-3d.exe
Error: (04/17/2014 01:06:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Jörg\Downloads\SoftonicDownloader_fuer_paragon-partition-manager.exe
Error: (04/17/2014 00:51:37 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/17/2014 00:51:37 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe
CodeIntegrity Errors:
===================================
Date: 2013-03-27 21:18:36.379
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 21:18:12.566
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 21:02:16.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 20:46:14.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 18:40:53.134
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 18:24:09.056
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 10:23:04.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-27 09:29:59.001
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-03-27 08:43:44.819
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-03-27 08:18:18.577
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 4054.54 MB
Available physical RAM: 2769.3 MB
Total Pagefile: 8150.54 MB
Available Pagefile: 6758.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (Win8) (Fixed) (Total:465.42 GB) (Free:337.48 GB) NTFS
Drive d: (WD-1) (Fixed) (Total:326.04 GB) (Free:24.7 GB) NTFS
Drive e: (FARCRY2) (CDROM) (Total:3.67 GB) (Free:0 GB) UDF
Drive f: (WD-2) (Fixed) (Total:436.08 GB) (Free:115.03 GB) NTFS
Drive g: (Neues Laufwerk) (Fixed) (Total:169.37 GB) (Free:169.05 GB) NTFS
Drive l: (Volume) (Fixed) (Total:931.51 GB) (Free:549.33 GB) NTFS
Drive n: () (Removable) (Total:7.42 GB) (Free:2.03 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9A96E11F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=436 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=169 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: D1278E23)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 4416DB50)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
Quote:
Quote from schrauber
(Post 1286269)
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
- Now start FRST.
- Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
- The log files will now be created and will then be located on your desktop.
- Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)
Done, and I have posted the FRST.txt and the Addition.txt!
Best regards, cafee