steffifei | 24.04.2014 09:44 | Hallo schrauber,
vielen Dank erstmal.
Hier FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by Susanne (administrator) on SUSANNE-PC on 24-04-2014 09:33:56
Running from C:\Users\Susanne\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
() c:\programdata\setapp\ws_enabler\WS_Enabler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Google Inc.) C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\Susanne\AppData\Local\Context2pro\contextfr.exe
() C:\Users\Susanne\AppData\Local\Context2pro\conadvanced.exe
(Smartbar) C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Susanne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Susanne\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] => C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [NvCplDaemon] => C:\windows\system32\NvCpl.dll [13834856 2010-02-10] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [997408 2010-11-30] (Microsoft Corporation)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-10-23] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [280576 2013-08-19] (Microsoft Corporation)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [BrowserChoice] => C:\Windows\System32\browserchoice.exe [293376 2010-02-11] (Microsoft Corporation)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [Google Update] => C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-13] (Google Inc.)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [contextfr] => C:\Users\Susanne\AppData\Local\Context2pro\contextfr.exe [545792 2013-08-26] ()
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [conadvanced] => C:\Users\Susanne\AppData\Local\Context2pro\conadvanced.exe [573952 2013-08-26] ()
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [contextprod] => C:\Users\Susanne\AppData\Local\Context2pro\contextprod.exe [573952 2013-08-26] ()
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-03-30] (Smartbar)
HKU\S-1-5-21-1072828290-3828818215-1948454868-1001\...\MountPoints2: F - explorer Cajasiete. Particulares
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Susanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlQ,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Awesomehp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlQ,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394745311&from=tugs&uid=TOSHIBAXMK5055GSX_30FOT0IUTXX30FOT0IUT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Awesomehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Awesomehp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394745311&from=tugs&uid=TOSHIBAXMK5055GSX_30FOT0IUTXX30FOT0IUT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Awesomehp
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlc,&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlc,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlQ,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZDF5b11Nw8SReQpUcIjWJM-jm1yxFtW6oiA9luRiG_44LTm9KGQdGns5FpcP4jlQ,&q={searchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: YoutubeAdblocker - {25184FC4-F48C-20D7-FD6D-66C62F40B83E} - C:\Program Files\YoutubeAdblocker\e.dll ()
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: SNT - {330A8976-BD57-2C13-68B6-0B452C20C521} - C:\Program Files\SNT\Y.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Susanne\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Susanne\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Susanne\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Susanne\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Susanne\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Susanne\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Susanne\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Susanne\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-23]
Chrome:
=======
CHR HomePage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwq9syl7jujY3NzKRCkOGQT5jprLNUZBdYwX7BkmMvbvDOi-YS61dvk7zyFtdTa80oRw03gNwBYUsEOfpqE6F993iqIZAEqgv3_XAxaMdXXybYhwESwfOLmTuR5ndl8yJ2gUaT2uNJ72Srlcfg3HpC3H6kI,
CHR StartupUrls: "hxxp://www.huffington.es/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll No File
CHR Extension: (IsaVer) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\akkegenpanbbfnmhohhigpnepnaejifb [2014-02-28]
CHR Extension: (Google Drive) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (YouTube) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16]
CHR Extension: (Google-Suche) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16]
CHR Extension: (YoutubeAdblocker) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaohinamdlfoebdgmglnlpjfpcbgndng [2014-01-29]
CHR Extension: (RealDownloader) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-10-24]
CHR Extension: (SNT) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggohnhcflhgdejjfhajnepebipjkeap [2014-01-29]
CHR Extension: (webusaavE) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipldncddfmbnichllkdmohfkpmopfhnj [2014-01-29]
CHR Extension: (YYTBookMArK) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamellgohoeimjmgfhmfiadhledlcjjm [2014-01-29]
CHR Extension: (Zate.tv Stream) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoncmmfjdkoiamjpnhohoeanaefcdnj [2013-12-13]
CHR Extension: (Speed Check) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-13]
CHR Extension: (Google Wallet) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (TubeAdBlOcKer) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdflegidopffjclenmhdnllgnmfldoe [2014-02-10]
CHR Extension: (Quick Start) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-13]
CHR Extension: (Google Mail) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16]
CHR Extension: (Push to Kindle) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnaiinchjaonopoejhknmgjingcnaloc [2014-01-29]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-09-09]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2010-11-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [206360 2010-11-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-13] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R1 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [165264 2010-10-24] (Microsoft Corporation)
R3 MpNWMon; C:\windows\System32\DRIVERS\MpNWMon.sys [43392 2010-10-24] (Microsoft Corporation)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-24 09:33 - 2014-04-24 09:34 - 00025507 _____ () C:\Users\Susanne\Desktop\FRST.txt
2014-04-24 09:33 - 2014-04-24 09:33 - 00000000 ____D () C:\FRST
2014-04-24 09:31 - 2014-04-24 09:33 - 01048576 _____ (Farbar) C:\Users\Susanne\Desktop\FRST.exe
2014-04-24 06:59 - 2014-04-24 06:59 - 00000000 ____D () C:\Program Files\ESET
2014-04-24 06:58 - 2014-04-24 06:58 - 02347384 _____ (ESET) C:\Users\Susanne\Desktop\esetsmartinstaller_enu.exe
2014-04-23 17:57 - 2014-04-23 17:57 - 00000000 ____D () C:\Program Files\COuupExtensIon
2014-04-23 17:54 - 2014-04-23 17:55 - 00000000 ____D () C:\Program Files\MiniGet
2014-04-23 17:54 - 2014-04-23 17:54 - 00001688 _____ () C:\Users\Susanne\Desktop\Continue MiniGet Smart Downloader.lnk
2014-04-23 17:54 - 2014-04-23 17:54 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MiniGet
2014-04-23 12:36 - 2014-04-23 18:26 - 00002606 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-23 12:35 - 2014-04-23 12:36 - 00000000 ____D () C:\Users\Susanne\AppData\Local\LPT
2014-04-23 12:35 - 2014-04-23 12:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Smartbar
2014-04-23 12:29 - 2014-04-23 12:29 - 00000000 ____D () C:\Users\Susanne\AppData\Local\RegistryDR
2014-04-23 12:24 - 2014-04-23 12:34 - 00000000 __SHD () C:\windows\system32\AI_RecycleBin
2014-04-23 12:24 - 2014-04-23 12:34 - 00000000 ____D () C:\Program Files\Registry Dr
2014-04-23 12:24 - 2014-04-23 12:29 - 00000000 ____D () C:\Users\Susanne\Documents\RegistryDr
2014-04-23 12:24 - 2014-04-23 12:24 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Context2pro
2014-04-23 12:21 - 2014-04-23 12:21 - 00351232 _____ () C:\Users\Susanne\Downloads\Fit Fuers Zertifikat Deutsch B1__3039_i590278821_il3648529.exe
2014-04-23 12:00 - 2014-04-23 12:36 - 00000000 ____D () C:\Users\Susanne\Desktop\Goethe Prüfung Niveau B1
2014-04-22 11:27 - 2014-04-23 18:01 - 00000384 _____ () C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Susanne.job
2014-04-22 11:27 - 2014-04-23 11:28 - 00000374 _____ () C:\windows\Tasks\ReclaimerUpdateXML_Susanne.job
2014-04-22 11:27 - 2014-04-23 10:40 - 00000378 _____ () C:\windows\Tasks\ReclaimerUpdateFiles_Susanne.job
2014-04-10 17:55 - 2014-04-23 17:59 - 00000000 ____D () C:\ProgramData\COuupExtensIon
2014-04-10 17:25 - 2014-03-06 09:02 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-10 17:25 - 2014-03-06 08:40 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-10 17:24 - 2014-03-06 10:19 - 17387008 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-10 17:24 - 2014-03-06 09:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-10 17:24 - 2014-03-06 09:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-10 17:24 - 2014-03-06 09:02 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-10 17:24 - 2014-03-06 09:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-10 17:24 - 2014-03-06 08:47 - 02178048 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-10 17:24 - 2014-03-06 08:46 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-10 17:24 - 2014-03-06 08:46 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-10 17:24 - 2014-03-06 08:45 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-10 17:24 - 2014-03-06 08:38 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-10 17:24 - 2014-03-06 08:38 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-10 17:24 - 2014-03-06 08:36 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-10 17:24 - 2014-03-06 08:28 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-10 17:24 - 2014-03-06 08:22 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-10 17:24 - 2014-03-06 08:18 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-10 17:24 - 2014-03-06 08:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 17:24 - 2014-03-06 08:07 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 17:24 - 2014-03-06 08:01 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-10 17:24 - 2014-03-06 07:46 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-10 17:24 - 2014-03-06 07:40 - 01967104 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-10 17:24 - 2014-03-06 07:36 - 11745792 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-10 17:24 - 2014-03-06 06:43 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-10 17:24 - 2014-03-06 06:41 - 01789440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-10 17:24 - 2014-03-06 06:36 - 01143808 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 10:00 - 2014-02-04 03:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 10:00 - 2014-02-04 03:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 09:59 - 2014-02-04 03:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 09:59 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 09:59 - 2014-01-24 03:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-10 08:50 - 2014-03-04 10:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-08 12:33 - 2014-04-22 14:02 - 00000000 ____D () C:\Users\Susanne\Desktop\2.ESO Präsentationen_Mein Star
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan
==================== One Month Modified Files and Folders =======
2014-04-24 09:34 - 2014-04-24 09:33 - 00025507 _____ () C:\Users\Susanne\Desktop\FRST.txt
2014-04-24 09:33 - 2014-04-24 09:33 - 00000000 ____D () C:\FRST
2014-04-24 09:33 - 2014-04-24 09:31 - 01048576 _____ (Farbar) C:\Users\Susanne\Desktop\FRST.exe
2014-04-24 09:14 - 2009-12-05 00:54 - 01279353 _____ () C:\windows\WindowsUpdate.log
2014-04-24 08:45 - 2013-09-13 19:49 - 00001128 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001UA.job
2014-04-24 08:36 - 2013-08-16 21:59 - 00001100 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-24 07:01 - 2013-08-16 22:04 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Dropbox
2014-04-24 06:59 - 2014-04-24 06:59 - 00000000 ____D () C:\Program Files\ESET
2014-04-24 06:58 - 2014-04-24 06:58 - 02347384 _____ (ESET) C:\Users\Susanne\Desktop\esetsmartinstaller_enu.exe
2014-04-24 06:50 - 2013-09-13 19:49 - 00001076 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001Core.job
2014-04-23 18:26 - 2014-04-23 12:36 - 00002606 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-23 18:08 - 2009-07-14 05:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 18:08 - 2009-07-14 05:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 18:01 - 2014-04-22 11:27 - 00000384 _____ () C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Susanne.job
2014-04-23 18:01 - 2013-08-16 22:08 - 00000000 ___RD () C:\Users\Susanne\Google Drive
2014-04-23 18:00 - 2013-08-16 22:05 - 00000000 ___RD () C:\Users\Susanne\Dropbox
2014-04-23 17:59 - 2014-04-10 17:55 - 00000000 ____D () C:\ProgramData\COuupExtensIon
2014-04-23 17:59 - 2014-03-17 10:42 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-04-23 17:59 - 2014-01-29 13:25 - 00000436 ____H () C:\windows\Tasks\WS_Enabler-S-815932687.job
2014-04-23 17:59 - 2013-08-16 21:59 - 00001096 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-23 17:59 - 2009-12-05 01:39 - 00804538 _____ () C:\windows\PFRO.log
2014-04-23 17:59 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-23 17:59 - 2009-07-14 05:39 - 00097095 _____ () C:\windows\setupact.log
2014-04-23 17:57 - 2014-04-23 17:57 - 00000000 ____D () C:\Program Files\COuupExtensIon
2014-04-23 17:57 - 2014-01-29 13:22 - 00000000 ____D () C:\ProgramData\e8f3e261327dbbef
2014-04-23 17:55 - 2014-04-23 17:54 - 00000000 ____D () C:\Program Files\MiniGet
2014-04-23 17:54 - 2014-04-23 17:54 - 00001688 _____ () C:\Users\Susanne\Desktop\Continue MiniGet Smart Downloader.lnk
2014-04-23 17:54 - 2014-04-23 17:54 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MiniGet
2014-04-23 12:36 - 2014-04-23 12:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\LPT
2014-04-23 12:36 - 2014-04-23 12:00 - 00000000 ____D () C:\Users\Susanne\Desktop\Goethe Prüfung Niveau B1
2014-04-23 12:35 - 2014-04-23 12:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Smartbar
2014-04-23 12:34 - 2014-04-23 12:24 - 00000000 __SHD () C:\windows\system32\AI_RecycleBin
2014-04-23 12:34 - 2014-04-23 12:24 - 00000000 ____D () C:\Program Files\Registry Dr
2014-04-23 12:29 - 2014-04-23 12:29 - 00000000 ____D () C:\Users\Susanne\AppData\Local\RegistryDR
2014-04-23 12:29 - 2014-04-23 12:24 - 00000000 ____D () C:\Users\Susanne\Documents\RegistryDr
2014-04-23 12:24 - 2014-04-23 12:24 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Context2pro
2014-04-23 12:21 - 2014-04-23 12:21 - 00351232 _____ () C:\Users\Susanne\Downloads\Fit Fuers Zertifikat Deutsch B1__3039_i590278821_il3648529.exe
2014-04-23 11:28 - 2014-04-22 11:27 - 00000374 _____ () C:\windows\Tasks\ReclaimerUpdateXML_Susanne.job
2014-04-23 10:40 - 2014-04-22 11:27 - 00000378 _____ () C:\windows\Tasks\ReclaimerUpdateFiles_Susanne.job
2014-04-22 21:55 - 2013-09-09 20:46 - 00000000 ____D () C:\Users\Susanne\Documents\BitLord
2014-04-22 21:21 - 2013-12-04 20:43 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\vlc
2014-04-22 14:02 - 2014-04-08 12:33 - 00000000 ____D () C:\Users\Susanne\Desktop\2.ESO Präsentationen_Mein Star
2014-04-11 12:17 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-04-11 10:20 - 2009-07-26 21:06 - 01625304 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-10 20:10 - 2013-10-14 19:55 - 00000000 ____D () C:\Users\Susanne\Desktop\Barcelona
2014-04-10 17:33 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-04-10 17:27 - 2010-08-16 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 17:23 - 2013-08-17 21:10 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 17:21 - 2010-08-16 17:54 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 20:07 - 2013-08-21 23:05 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spotify
2014-04-09 14:24 - 2013-08-21 23:05 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Spotify
2014-04-03 19:53 - 2013-09-09 20:47 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\BitLord
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-01 15:44 - 2013-10-23 18:52 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 14:11 - 2013-09-13 19:34 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Skype
2014-03-29 12:07 - 2013-09-13 19:34 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-29 12:07 - 2013-09-13 19:34 - 00000000 ____D () C:\ProgramData\Skype
2014-03-29 12:07 - 2013-09-13 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-03-25 18:57 - 2014-01-29 13:25 - 00000000 ____D () C:\Program Files\WS_Enabler
Some content of TEMP:
====================
C:\Users\Susanne\AppData\Local\Temp\0_Offer_0.exe
C:\Users\Susanne\AppData\Local\Temp\1_Offer_5.exe
C:\Users\Susanne\AppData\Local\Temp\6_Offer_8.exe
C:\Users\Susanne\AppData\Local\Temp\BackupSetup.exe
C:\Users\Susanne\AppData\Local\Temp\BitLord_Installer.exe
C:\Users\Susanne\AppData\Local\Temp\dwrex3hx.dll
C:\Users\Susanne\AppData\Local\Temp\flxb60dt.dll
C:\Users\Susanne\AppData\Local\Temp\instract.exe
C:\Users\Susanne\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Susanne\AppData\Local\Temp\nsjDFC9.exe
C:\Users\Susanne\AppData\Local\Temp\nst397B.exe
C:\Users\Susanne\AppData\Local\Temp\nsu7382.exe
C:\Users\Susanne\AppData\Local\Temp\nsuE9C9.exe
C:\Users\Susanne\AppData\Local\Temp\nsz7C78.exe
C:\Users\Susanne\AppData\Local\Temp\ose00001.exe
C:\Users\Susanne\AppData\Local\Temp\Quarantine.exe
C:\Users\Susanne\AppData\Local\Temp\setup.exe
C:\Users\Susanne\AppData\Local\Temp\SPSetup.exe
C:\Users\Susanne\AppData\Local\Temp\stubhelper.dll
C:\Users\Susanne\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-22 08:56
==================== End Of Log ============================ --- --- ---
--- --- ---
Und hier Addition.txt:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by Susanne at 2014-04-24 09:35:09
Running from C:\Users\Susanne\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Context2pro (HKCU\...\Context2pro) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Shopping Helper Smartbar (HKLM\...\{7DD65DA0-AD4F-4974-AAC6-5834DD7F6841}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: - )
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
==================== Restore Points =========================
05-04-2014 10:21:23 Windows Update
09-04-2014 13:00:28 Windows Update
10-04-2014 12:04:19 Windows Update
22-04-2014 08:03:39 Geplanter Prüfpunkt
22-04-2014 09:13:47 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {004A88D4-57F3-48BC-B87D-E3CA9A1C014B} - System32\Tasks\ReclaimerUpdateXML_Susanne => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-22] (RealNetworks, Inc.)
Task: {0125262C-427A-4DFE-BB7B-A01F82677284} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {0537A967-F1B2-4986-8C77-E876E77AEE6A} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {0B1D63B1-8020-4ED9-899C-1227659EF6E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001UA => C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {0E804968-8C42-4A10-9676-FF8E6161FA41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {1292EF91-5D47-4720-92A4-83ED64F1D588} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {152FADB1-CA94-4C7F-8FF0-797CD3406347} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {1F17BFD7-CFCD-4F08-9700-3A157E04441A} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {2734BFE7-F19C-4BAB-9930-7A9F57AD891B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1072828290-3828818215-1948454868-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2748628F-A9EB-4010-94C1-1DED464FA34B} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-10-26] (SAMSUNG Electronics)
Task: {2885835F-2069-4708-AB11-9641F10EF909} - System32\Tasks\RNUpgradeHelperLogonPrompt_Susanne => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-22] (RealNetworks, Inc.)
Task: {2BEE9C2A-EAC7-4CC4-8026-1B7B32F55B48} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {3142F0D2-D8D2-47E5-A950-968DC82CE728} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {3608F143-4612-4D36-9F55-B87EEFA78145} - System32\Tasks\RNUpgradeHelperResumePrompt_Susanne => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-22] (RealNetworks, Inc.)
Task: {3A1F41B2-F4DE-489A-8C74-3CF680CD23CF} - System32\Tasks\RegistryDr_Start => C:\Program Files\Registry Dr\RegistryDr.exe <==== ATTENTION
Task: {4A092CA2-D52D-49A9-8D3F-E203276EE36D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1072828290-3828818215-1948454868-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4ED817F4-E88E-45CB-A31D-D8766B290254} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001Core => C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {54B4EB12-C9AD-4107-9F1C-82AFAC511AA0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {55B8429E-9CFE-48D6-8ED7-764C198F79BF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1072828290-3828818215-1948454868-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8B7486F7-47DC-40B6-87A5-E1D1B99251F9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8F252B44-B869-44FA-BBAF-464F53BE1410} - System32\Tasks\RegistryDr_Popup => C:\Program Files\Registry Dr\Splash.exe <==== ATTENTION
Task: {AC3B69EF-47AE-46F1-A883-40FE86A03344} - System32\Tasks\WS_Enabler-S-815932687 => c:\programdata\setapp\ws_enabler\WS_Enabler.exe [2014-01-29] () <==== ATTENTION
Task: {B9C3EEC1-7EEF-417F-99BE-5A02F20F5879} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1072828290-3828818215-1948454868-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C5521848-C645-436A-9BCC-46ADB8A42C14} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {C7C152FF-FAA9-49B3-8CFD-6F062F3D8BA6} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {DF68D4C0-9E52-4F1B-9377-0FA4D952A6E6} - System32\Tasks\ReclaimerUpdateFiles_Susanne => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-22] (RealNetworks, Inc.)
Task: {ECC38333-48C7-4154-96DF-63387FE6AA7B} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {F12ACCC0-EA4A-408E-953C-8FC0F7C899AB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001Core.job => C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1001UA.job => C:\Users\Susanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ReclaimerUpdateFiles_Susanne.job => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe
Task: C:\windows\Tasks\ReclaimerUpdateXML_Susanne.job => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe
Task: C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Susanne.job => C:\Users\Susanne\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe
Task: C:\windows\Tasks\WS_Enabler-S-815932687.job => c:\programdata\setapp\ws_enabler\WS_Enabler.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2010-08-23 20:17 - 2001-10-28 16:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2013-09-10 11:11 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-10 11:11 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-12-05 01:00 - 2009-07-07 19:23 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2013-09-10 11:11 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-10 11:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-10 11:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:25 - 2014-01-29 13:25 - 00729600 _____ () c:\programdata\setapp\ws_enabler\WS_Enabler.exe
2009-12-05 01:05 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-16 22:47 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-05 23:31 - 2014-03-05 23:31 - 00184832 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\05b1246653cf7a6234399cca296b67f3\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-03-05 23:51 - 2014-03-05 23:51 - 17280000 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\46904b825f37228bdf89654adaf1c2be\Kies.Theme.ni.dll
2014-03-05 23:14 - 2014-03-05 23:14 - 01795072 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\1fc4f2ab76d5cb95a374ba8dab64b2c0\Kies.UI.ni.dll
2014-03-05 23:14 - 2014-03-05 23:14 - 00081920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\e57a4d0bd4ed8f757e11cbe32bb0f89c\Kies.MVVM.ni.dll
2014-03-05 23:51 - 2014-03-05 23:51 - 00236032 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\cffeb31975c17760187d713cf2d7934d\ASF_cSharpAPI.ni.dll
2013-08-26 22:10 - 2013-08-26 22:10 - 00545792 _____ () C:\Users\Susanne\AppData\Local\Context2pro\contextfr.exe
2013-08-26 22:10 - 2013-08-26 22:10 - 00573952 _____ () C:\Users\Susanne\AppData\Local\Context2pro\conadvanced.exe
2014-03-30 10:49 - 2014-03-30 10:49 - 00046624 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00068640 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srau.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00165408 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 02283040 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00066592 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\spbl.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00154656 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014368 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\siem.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00063520 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\sppsm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00696864 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014880 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00078880 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00027168 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00056864 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srut.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00029216 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srsbs.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00065568 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srom.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\smtu.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00038944 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\smta.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00043552 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srbu.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00024096 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\sgml.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00061472 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00024608 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srpdm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00043040 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-03-30 10:48 - 2014-03-30 10:48 - 00026656 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00035360 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00193056 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-30 10:46 - 2014-03-30 10:46 - 00061440 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00255008 _____ () C:\Users\Susanne\AppData\Local\Smartbar\Application\srns.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Susanne\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-23 18:00 - 2014-04-23 18:00 - 00098816 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32api.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00110080 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\pywintypes27.dll
2014-04-23 18:00 - 2014-04-23 18:00 - 00364544 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\pythoncom27.dll
2014-04-23 18:00 - 2014-04-23 18:00 - 00044032 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_socket.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 01153024 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_ssl.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00320512 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32com.shell.shell.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00711680 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_hashlib.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 01175040 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._core_.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00805888 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._gdi_.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00811008 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._windows_.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 01062400 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._controls_.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00735232 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._misc_.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00128512 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_elementtree.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00127488 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\pyexpat.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00557056 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\pysqlite2._sqlite.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00087040 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_ctypes.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00119808 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32file.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00108544 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32security.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00018432 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32event.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00038912 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32inet.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00122368 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._wizard.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00026624 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\_multiprocessing.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00070656 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\wx._html2.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00010240 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\select.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00686080 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\unicodedata.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00025600 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32pdh.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00521680 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\windows._lib_cacheinvalidation.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00011264 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32crypt.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00024064 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32pipe.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00035840 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32process.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00017408 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32profile.pyd
2014-04-23 18:00 - 2014-04-23 18:00 - 00022528 _____ () C:\Users\Susanne\AppData\Local\Temp\_MEI38762\win32ts.pyd
2014-02-04 22:41 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 22:41 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 22:41 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 22:41 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 22:41 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-04-24 06:59 - 2013-02-07 12:35 - 00579904 _____ () C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-02-04 22:41 - 2014-02-02 00:42 - 13616456 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/23/2014 05:56:05 PM) (Source: Microsoft-Windows-RestartManager) (User: Susanne-PC)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.
Error: (04/22/2014 09:00:45 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/22/2014 09:00:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/22/2014 08:57:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/11/2014 00:08:19 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/11/2014 00:07:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/11/2014 00:04:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/09/2014 02:47:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/09/2014 02:47:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/09/2014 02:44:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (04/24/2014 08:51:16 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "GENIO",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{31D28976-26AE-48EC-B6CC-70306963F7DD-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/23/2014 05:54:48 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (04/23/2014 00:35:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/23/2014 00:32:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update Surftastic" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/23/2014 10:58:59 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{31D28976-26AE-48EC-B6CC-70306963F7DD}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.
Error: (04/23/2014 10:42:33 AM) (Source: Microsoft Antimalware) (User: )
Description: Fehler in %%860-Echtzeitschutzfunktion.
Funktion: %%835
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler
Ursache: %%842
Error: (04/23/2014 10:41:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/23/2014 10:41:32 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (04/22/2014 08:54:58 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{31D28976-26AE-48EC-B6CC-70306963F7DD}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.
Error: (04/22/2014 08:26:42 AM) (Source: Microsoft Antimalware) (User: )
Description: Fehler in %%860-Echtzeitschutzfunktion.
Funktion: %%835
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler
Ursache: %%842
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-28 21:43:21.434
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-28 21:43:21.120
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-28 21:43:01.588
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-28 21:43:01.331
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-28 21:42:33.795
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-28 21:42:33.377
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\nvd3dum.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 3036.61 MB
Available physical RAM: 1210.99 MB
Total Pagefile: 6069.46 MB
Available Pagefile: 4072.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:396.58 GB) (Free:251.06 GB) NTFS
Drive d: () (Fixed) (Total:54.08 GB) (Free:21.9 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 711561A4)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=397 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=54 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- --- |