lolligeslol | 30.04.2014 11:31 | tut mir leid, wusste ich nicht ;)
übrigens: die Festplatte ist eine Samsung SSD, nur falls dies wichtig ist :)
hoffe jetzt ist es besser!
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by Silas (administrator) on SILAS-PC on 29-04-2014 16:38:54
Running from C:\Users\Silas\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) C:\Windows\system32\RAPID\SamsungRapidSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
() C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2937941739-3390224605-2116822940-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2937941739-3390224605-2116822940-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2937941739-3390224605-2116822940-1001\...\MountPoints2: {f0ca1a60-a283-11e2-8518-d9d05fc4d272} - E:\LaunchU3.exe -a
Startup: C:\Users\Silas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD70133BACCDECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119779&tt=gc_&babsrc=SP_ss&mntrId=94D778E4000FEF33
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: HDvid Codec - C:\Users\Silas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi [2013-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-05-20]
Chrome:
=======
CHR HomePage: hxxp://www.ask.com/?l=dis&o=1586cr&gct=hp
CHR StartupUrls: "hxxp://de-de.facebook.com/", "hxxp://www.die-staemme.de/", "hxxp://web.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-20]
CHR Extension: (YouTube) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-20]
CHR Extension: (Adblock Plus) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-20]
CHR Extension: (Monster Dash) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2012-12-20]
CHR Extension: (Google-Suche) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-20]
CHR Extension: (Tampermonkey) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-04-05]
CHR Extension: (CinemaxX Trailer) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopcgojamofpmhidpadjjfilkiiehjea [2012-12-20]
CHR Extension: (Logitech SetPoint) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-05-20]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-12-20]
CHR Extension: (AdBlock) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-12-20]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-03-03]
CHR Extension: (Fuball Ergebnisse) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgikkhahmpgcibceopehblcifilnkpko [2012-12-20]
CHR Extension: (Google Wallet) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (beautiful megan) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbihhhkaldmedflhmdmkhmpmpijbaajo [2012-12-20]
CHR Extension: (Google Mail) - C:\Users\Silas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-20]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-04-28]
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx [2013-04-28]
==================== Services (Whitelisted) =================
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [152064 2009-10-23] (Broadcom Corporation)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-08-16] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-08-16] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-08-16] (CyberLink)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-24] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.)
==================== Drivers (Whitelisted) ====================
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 k57nd; C:\Windows\System32\DRIVERS\k57amd64.sys [333864 2009-12-11] (Broadcom Corporation)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [44272 2013-01-17] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-14] (CyberLink Corp.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
U3 kgloypow; \??\C:\Users\Silas\AppData\Local\Temp\kgloypow.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-29 16:38 - 2014-04-29 16:39 - 00021093 _____ () C:\Users\Silas\Downloads\FRST.txt
2014-04-29 16:38 - 2014-04-29 16:38 - 00000472 _____ () C:\Users\Silas\Downloads\defogger_disable.log
2014-04-29 16:38 - 2014-04-29 16:38 - 00000000 ____D () C:\FRST
2014-04-29 16:38 - 2014-04-29 16:38 - 00000000 _____ () C:\Users\Silas\defogger_reenable
2014-04-29 16:27 - 2014-04-29 16:27 - 02061824 _____ (Farbar) C:\Users\Silas\Downloads\FRST64.exe
2014-04-29 16:21 - 2014-04-29 16:21 - 00050477 _____ () C:\Users\Silas\Downloads\Defogger.exe
2014-04-29 16:01 - 2014-04-29 16:01 - 00008431 _____ () C:\Users\Silas\Documents\gmer.log
2014-04-29 11:59 - 2014-04-29 11:59 - 00380416 _____ () C:\Users\Silas\Downloads\Gmer-19357.exe
2014-04-28 12:07 - 2014-04-29 16:33 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-04-28 12:07 - 2014-04-28 12:07 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-04-28 12:06 - 2014-04-28 12:06 - 05049344 _____ (Crawler.com ) C:\Users\Silas\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-04-27 18:40 - 2014-04-29 16:32 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-04-27 18:39 - 2014-04-27 18:39 - 02365840 _____ () C:\Users\Silas\Downloads\SecurityTaskManager_Setup.exe
2014-04-27 18:38 - 2014-04-27 18:38 - 00540072 _____ (Neuber Software) C:\Users\Silas\Downloads\SvchostAnalyzer.exe
2014-04-27 18:13 - 2014-04-29 09:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 18:11 - 2014-04-27 18:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Silas\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-27 18:11 - 2014-04-27 18:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Silas\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2014-04-25 11:39 - 2014-04-25 11:40 - 14298467 _____ () C:\Users\Silas\Downloads\nw_14643_handbrakexwinguiexe.exe
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 __SHD () C:\Users\Silas\AppData\Local\EmieUserList
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 __SHD () C:\Users\Silas\AppData\Local\EmieSiteList
2014-04-21 19:37 - 2014-04-21 19:37 - 00004853 _____ () C:\Users\Silas\Downloads\kroatien urlaub.odt
2014-04-11 09:46 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 09:46 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 09:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 09:46 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-11 09:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 09:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 09:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 09:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 09:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 09:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 09:46 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-11 09:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 09:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 09:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 09:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 09:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 09:46 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 09:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 09:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 09:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-11 09:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-11 09:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-11 09:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 09:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 09:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-11 09:46 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-11 09:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-11 09:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-11 09:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 09:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-11 09:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-11 09:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-11 09:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-11 09:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 09:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-11 09:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 09:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-11 09:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-11 09:46 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 09:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-11 09:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-11 09:46 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-11 09:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 09:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-11 09:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 09:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-11 09:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-11 09:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-10 19:26 - 2014-04-10 19:26 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ____D () C:\Users\Silas\AppData\Local\Skype
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-10 10:27 - 2009-12-11 00:32 - 00333864 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57amd64.sys
2014-04-10 10:26 - 2014-04-10 10:27 - 00000000 ____D () C:\Users\Silas\Desktop\LAN_Broadcom_12.4.0.3_Win7x86x64
2014-04-10 10:24 - 2014-04-10 10:24 - 00000000 ____D () C:\Users\Silas\Desktop\Modem_LSI_2.2.99.0_Win7x86x64
2014-04-10 10:23 - 2014-04-10 10:23 - 02134334 _____ () C:\Users\Silas\Downloads\Modem_LSI_2.2.99.0_W7x86W7x64_A.zip
2014-04-10 10:22 - 2014-04-10 10:26 - 139876507 _____ () C:\Users\Silas\Downloads\Lan_Broadcom_12.4.0.3_W7x86W7x64_A.zip
2014-04-10 10:01 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 10:01 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 10:01 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 10:01 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 10:01 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 10:01 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 10:01 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 10:01 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 10:01 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 10:01 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 10:01 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 10:01 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 10:01 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 10:01 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 10:01 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 10:01 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 10:00 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 22:13 - 2014-04-08 22:13 - 00000635 _____ () C:\Users\Silas\Desktop\Cyperia - Verknüpfung.lnk
2014-04-08 18:39 - 2014-04-08 22:13 - 00000000 ____D () C:\Users\Silas\Desktop\Cyperia 2013 Client
2014-04-08 16:52 - 2014-04-08 18:39 - 904446119 _____ () C:\Users\Silas\Downloads\Cyperia2013Client.zip
2014-04-08 13:08 - 2014-04-08 13:08 - 01768986 _____ () C:\Users\Silas\Downloads\switchbot.zip
2014-04-08 12:24 - 2014-04-08 12:25 - 29990274 _____ () C:\Users\Silas\Downloads\cyperia.rar
2014-04-02 17:44 - 2014-04-03 17:27 - 00000000 ____D () C:\Users\Silas\AppData\Local\Downloaded Installations
2014-04-02 17:43 - 2014-04-02 17:44 - 00013785 _____ () C:\ads_err.adt
2014-04-02 17:43 - 2014-04-02 17:44 - 00004559 _____ () C:\ads_err.adm
2014-04-02 17:43 - 2014-04-02 17:44 - 00003072 _____ () C:\ads_err.adi
2014-04-02 17:43 - 2014-04-02 17:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-04-02 17:43 - 2014-04-02 17:43 - 00000000 ____D () C:\Users\Silas\Documents\BlackBerry
2014-04-02 17:33 - 2014-04-02 18:59 - 00000308 _____ () C:\Users\Silas\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-04-02 17:33 - 2014-04-02 18:59 - 00000308 _____ () C:\Users\Silas\AppData\Roaming\Rim.Desktop.Exception.log
2014-04-02 17:33 - 2014-04-02 18:27 - 00000000 ____D () C:\Users\Silas\AppData\Local\Research In Motion
2014-04-02 17:33 - 2014-04-02 17:33 - 00000000 ____D () C:\Users\Silas\AppData\Roaming\Research In Motion
2014-04-02 17:32 - 2014-04-02 17:32 - 00002231 _____ () C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2014-04-02 17:32 - 2014-04-02 17:32 - 00001153 _____ () C:\Users\Silas\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\Program Files (x86)\Research In Motion
2014-04-02 17:32 - 2012-12-10 15:48 - 00044544 _____ (Research in Motion Ltd) C:\Windows\system32\Drivers\RimSerial_AMD64.sys
2014-04-02 17:26 - 2014-04-02 17:29 - 119528976 _____ () C:\Users\Silas\Downloads\710_b042_multilanguage.exe
==================== One Month Modified Files and Folders =======
2014-04-29 16:39 - 2014-04-29 16:38 - 00021093 _____ () C:\Users\Silas\Downloads\FRST.txt
2014-04-29 16:38 - 2014-04-29 16:38 - 00000472 _____ () C:\Users\Silas\Downloads\defogger_disable.log
2014-04-29 16:38 - 2014-04-29 16:38 - 00000000 ____D () C:\FRST
2014-04-29 16:38 - 2014-04-29 16:38 - 00000000 _____ () C:\Users\Silas\defogger_reenable
2014-04-29 16:38 - 2012-12-20 18:08 - 00000000 ____D () C:\Users\Silas
2014-04-29 16:36 - 2014-02-23 20:35 - 00000000 ____D () C:\Users\Silas\AppData\Local\E3683022-6603-40FF-BA8F-5B741D87BBFC.aplzod
2014-04-29 16:36 - 2014-02-23 16:44 - 00000000 ____D () C:\Users\Silas\Documents\Outlook-Dateien
2014-04-29 16:33 - 2014-04-28 12:07 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-04-29 16:32 - 2014-04-27 18:40 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-04-29 16:28 - 2012-12-20 20:35 - 00000000 ____D () C:\Users\Silas\AppData\Roaming\Dropbox
2014-04-29 16:27 - 2014-04-29 16:27 - 02061824 _____ (Farbar) C:\Users\Silas\Downloads\FRST64.exe
2014-04-29 16:27 - 2012-12-20 18:09 - 00000000 ___RD () C:\Users\Silas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 16:25 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-04-29 16:25 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-04-29 16:25 - 2013-05-02 21:28 - 00000000 ____D () C:\Users\Silas\AppData\Roaming\rinsebyreal
2014-04-29 16:21 - 2014-04-29 16:21 - 00050477 _____ () C:\Users\Silas\Downloads\Defogger.exe
2014-04-29 16:21 - 2012-12-20 19:45 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-29 16:09 - 2012-12-20 18:13 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 16:02 - 2012-12-20 18:08 - 01825891 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 16:01 - 2014-04-29 16:01 - 00008431 _____ () C:\Users\Silas\Documents\gmer.log
2014-04-29 16:01 - 2009-07-14 19:58 - 00704912 _____ () C:\Windows\system32\perfh007.dat
2014-04-29 16:01 - 2009-07-14 19:58 - 00151224 _____ () C:\Windows\system32\perfc007.dat
2014-04-29 16:01 - 2009-07-14 07:13 - 01628308 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 11:59 - 2014-04-29 11:59 - 00380416 _____ () C:\Users\Silas\Downloads\Gmer-19357.exe
2014-04-29 09:52 - 2014-04-27 18:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 09:42 - 2009-07-14 06:45 - 00021984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 09:42 - 2009-07-14 06:45 - 00021984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-29 09:36 - 2012-12-20 20:37 - 00000000 ___RD () C:\Users\Silas\Dropbox
2014-04-29 09:36 - 2012-12-20 18:13 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-29 09:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-29 09:35 - 2009-07-14 06:51 - 00054423 _____ () C:\Windows\setupact.log
2014-04-28 21:15 - 2012-12-20 21:56 - 00000000 ____D () C:\Users\Silas\Documents\Schule
2014-04-28 18:22 - 2012-12-20 18:39 - 00474810 _____ () C:\Windows\PFRO.log
2014-04-28 12:07 - 2014-04-28 12:07 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-04-28 12:06 - 2014-04-28 12:06 - 05049344 _____ (Crawler.com ) C:\Users\Silas\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-04-27 19:47 - 2013-03-06 23:38 - 00000000 ____D () C:\Users\Silas\AppData\Local\Windows Live
2014-04-27 18:39 - 2014-04-27 18:39 - 02365840 _____ () C:\Users\Silas\Downloads\SecurityTaskManager_Setup.exe
2014-04-27 18:38 - 2014-04-27 18:38 - 00540072 _____ (Neuber Software) C:\Users\Silas\Downloads\SvchostAnalyzer.exe
2014-04-27 18:33 - 2012-12-20 20:46 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-27 18:11 - 2014-04-27 18:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Silas\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-27 18:11 - 2014-04-27 18:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Silas\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2014-04-27 17:50 - 2013-01-11 16:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-27 14:29 - 2013-07-27 16:29 - 00000000 ____D () C:\Users\Silas\Documents\Scan
2014-04-26 13:27 - 2012-12-25 12:08 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-04-25 11:40 - 2014-04-25 11:39 - 14298467 _____ () C:\Users\Silas\Downloads\nw_14643_handbrakexwinguiexe.exe
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 __SHD () C:\Users\Silas\AppData\Local\EmieUserList
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 __SHD () C:\Users\Silas\AppData\Local\EmieSiteList
2014-04-21 19:37 - 2014-04-21 19:37 - 00004853 _____ () C:\Users\Silas\Downloads\kroatien urlaub.odt
2014-04-17 19:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-15 15:40 - 2012-12-20 18:13 - 00112000 _____ () C:\Users\Silas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 15:40 - 2009-07-14 06:45 - 00443464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-15 12:07 - 2012-12-20 20:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-15 12:07 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-11 11:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 20:01 - 2012-12-21 12:49 - 00000000 ____D () C:\Users\Silas\AppData\Roaming\Skype
2014-04-10 19:26 - 2014-04-10 19:26 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ____D () C:\Users\Silas\AppData\Local\Skype
2014-04-10 19:26 - 2014-04-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-10 19:26 - 2012-12-21 12:49 - 00000000 ____D () C:\ProgramData\Skype
2014-04-10 12:11 - 2013-01-23 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-10 10:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-10 10:27 - 2014-04-10 10:26 - 00000000 ____D () C:\Users\Silas\Desktop\LAN_Broadcom_12.4.0.3_Win7x86x64
2014-04-10 10:26 - 2014-04-10 10:22 - 139876507 _____ () C:\Users\Silas\Downloads\Lan_Broadcom_12.4.0.3_W7x86W7x64_A.zip
2014-04-10 10:24 - 2014-04-10 10:24 - 00000000 ____D () C:\Users\Silas\Desktop\Modem_LSI_2.2.99.0_Win7x86x64
2014-04-10 10:23 - 2014-04-10 10:23 - 02134334 _____ () C:\Users\Silas\Downloads\Modem_LSI_2.2.99.0_W7x86W7x64_A.zip
2014-04-09 19:40 - 2013-08-14 13:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 19:38 - 2012-12-21 17:55 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 22:13 - 2014-04-08 22:13 - 00000635 _____ () C:\Users\Silas\Desktop\Cyperia - Verknüpfung.lnk
2014-04-08 22:13 - 2014-04-08 18:39 - 00000000 ____D () C:\Users\Silas\Desktop\Cyperia 2013 Client
2014-04-08 18:39 - 2014-04-08 16:52 - 904446119 _____ () C:\Users\Silas\Downloads\Cyperia2013Client.zip
2014-04-08 16:51 - 2013-01-12 20:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-04-08 13:08 - 2014-04-08 13:08 - 01768986 _____ () C:\Users\Silas\Downloads\switchbot.zip
2014-04-08 12:25 - 2014-04-08 12:24 - 29990274 _____ () C:\Users\Silas\Downloads\cyperia.rar
2014-04-04 13:04 - 2012-12-21 12:45 - 00046355 _____ () C:\Windows\DirectX.log
2014-04-04 11:13 - 2013-03-26 23:36 - 00000000 ____D () C:\Users\Silas\Documents\Bewerbung
2014-04-03 17:27 - 2014-04-02 17:44 - 00000000 ____D () C:\Users\Silas\AppData\Local\Downloaded Installations
2014-04-03 09:04 - 2012-12-20 18:13 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 09:04 - 2012-12-20 18:13 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 18:59 - 2014-04-02 17:33 - 00000308 _____ () C:\Users\Silas\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-04-02 18:59 - 2014-04-02 17:33 - 00000308 _____ () C:\Users\Silas\AppData\Roaming\Rim.Desktop.Exception.log
2014-04-02 18:27 - 2014-04-02 17:33 - 00000000 ____D () C:\Users\Silas\AppData\Local\Research In Motion
2014-04-02 17:44 - 2014-04-02 17:43 - 00013785 _____ () C:\ads_err.adt
2014-04-02 17:44 - 2014-04-02 17:43 - 00004559 _____ () C:\ads_err.adm
2014-04-02 17:44 - 2014-04-02 17:43 - 00003072 _____ () C:\ads_err.adi
2014-04-02 17:43 - 2014-04-02 17:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-04-02 17:43 - 2014-04-02 17:43 - 00000000 ____D () C:\Users\Silas\Documents\BlackBerry
2014-04-02 17:33 - 2014-04-02 17:33 - 00000000 ____D () C:\Users\Silas\AppData\Roaming\Research In Motion
2014-04-02 17:32 - 2014-04-02 17:32 - 00002231 _____ () C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2014-04-02 17:32 - 2014-04-02 17:32 - 00001153 _____ () C:\Users\Silas\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
2014-04-02 17:32 - 2014-04-02 17:32 - 00000000 ____D () C:\Program Files (x86)\Research In Motion
2014-04-02 17:29 - 2014-04-02 17:26 - 119528976 _____ () C:\Users\Silas\Downloads\710_b042_multilanguage.exe
Some content of TEMP:
====================
C:\Users\Silas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprjmxg_.dll
C:\Users\Silas\AppData\Local\Temp\TUUUninstallHelper.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 13:47
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by Silas at 2014-04-29 16:39:24
Running from C:\Users\Silas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20928 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{ABFC0970-7FDF-9E49-C049-5D24CB1F150E}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70928.1539 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{5BF3423C-4397-4FE3-A318-C9850EA24CB3}) (Version: 8.0.0.46 - Research In Motion Ltd)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{688758A2-8520-4470-8FA6-765BAC86FC53}) (Version: 12.53.01 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0928.1532.26058 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CrystalDiskInfo 5.2.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.2.2 - Crystal Dew World)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1905c.56 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1905c.56 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version: - Microsoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Download.am (HKLM-x32\...\Download.am) (Version: - )
Driver Checker v2.7.5 (HKLM-x32\...\Driver Checker_is1) (Version: 2.7.5 - driverchecker.com, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 10.2.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.46 (HKLM\...\Logitech Gaming Software) (Version: 8.46.27 - Logitech Inc.)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAPID Mode (Version: 1.0.1.42 - Samsung Electronics Co., Ltd.) Hidden
Revo Uninstaller Pro 2.5.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.9 - VS Revo Group, Ltd.)
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.01 (01/05/2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.02.09 (25/04/2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.02(01/05/2012) - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.18.04 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SilkroadR (HKLM-x32\...\SilkroadR) (Version: - )
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version: - Microsoft)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
15-04-2014 10:06:49 Windows Update
18-04-2014 13:41:07 Windows Update
21-04-2014 14:13:33 Windows Update
25-04-2014 15:39:00 Windows Update
28-04-2014 18:34:56 Windows Update
29-04-2014 14:20:44 Revo Uninstaller Pro's restore point - TuneUp Utilities 2013
29-04-2014 14:20:59 TuneUp Utilities 2013 wird entfernt
29-04-2014 14:21:18 TuneUp Utilities Language Pack (de-DE) wird entfernt
29-04-2014 14:23:25 Revo Uninstaller Pro's restore point - Rinse
29-04-2014 14:23:35 Removed Rinse
29-04-2014 14:25:14 Revo Uninstaller Pro's restore point - Wondershare Dr.Fone für iOS(Build 4.0.1.75)
29-04-2014 14:27:25 Revo Uninstaller Pro's restore point - Dropbox
29-04-2014 14:28:43 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware Version 2.0.1.1004
29-04-2014 14:32:26 Revo Uninstaller Pro's restore point - Security Task Manager 1.8g
29-04-2014 14:33:30 Revo Uninstaller Pro's restore point - Spyware Terminator 2012
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-01-11 16:57 - 00000854 __RAH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
==================== Scheduled Tasks (whitelisted) =============
Task: {2D26ECD1-582B-43DB-B0B2-39AE5418B5D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {3147FEFA-5AB3-4A1D-90DC-A711007D59E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {3CEAE202-4A0E-4311-8EBA-67897AA6F1FC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9436BD86-B333-4D21-AF90-25D3873D444A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {B3EBF746-8FB6-4DE2-88F8-C9FD03A54B71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {B41F8E7A-3FE2-4210-BDE0-E06A3D4BF2DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {C98D8581-FEB1-412B-90B3-EDD91078FE26} - System32\Tasks\EPUpdater => C:\Users\Silas\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {F0ED3525-DD0C-4B80-8B2A-4A64AE23E416} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {F5221A1A-BB3E-4737-95D9-CB817E48C42E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-09 12:47 - 2012-01-09 12:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2012-12-21 12:45 - 2012-12-24 15:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-05-01 10:20 - 2012-05-01 10:20 - 01541712 _____ () C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 19:14 - 2009-12-23 18:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-12-27 13:59 - 2013-11-28 13:14 - 00013824 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2013-12-27 13:59 - 2013-11-28 19:59 - 00098816 _____ () C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
2013-12-27 13:59 - 2013-11-28 19:59 - 00034304 _____ () C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
2013-12-27 13:59 - 2013-11-28 19:59 - 00032768 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
2013-12-27 13:59 - 2013-11-28 20:00 - 00031232 _____ () C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
2013-12-27 13:59 - 2013-11-28 19:59 - 00029696 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
2012-02-15 15:17 - 2012-02-15 15:17 - 00310272 _____ () C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\sslog.dll
2012-03-21 07:22 - 2012-03-21 07:22 - 00683520 _____ () C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\SASkin.dll
2012-03-21 07:23 - 2012-03-21 07:23 - 00615424 _____ () C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\SAStyle.cjstyles
2012-02-20 22:22 - 2012-02-20 22:22 - 00050688 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-04-23 12:14 - 2012-04-23 12:14 - 02013184 _____ () C:\Program Files (x86)\Samsung\Easy Printer Manager\sf.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-26 17:12 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-01-23 15:55 - 2014-01-23 15:55 - 01030312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^Silas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/29/2014 04:20:43 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {deb1dc83-9239-4b63-aac1-298cc80799ad}
Error: (04/25/2014 11:24:40 AM) (Source: Application Hang) (User: )
Description: Programm PowerDVD12.exe, Version 12.0.11175.1925 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a28
Startzeit: 01cf6067da62011c
Endzeit: 7
Anwendungspfad: C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
Berichts-ID: 69f9a7f7-cc5b-11e3-8b7b-00262d9d8fa7
Error: (04/22/2014 07:24:10 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/21/2014 09:59:32 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/18/2014 03:33:44 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/11/2014 02:56:39 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/10/2014 05:33:19 PM) (Source: Bonjour Service) (User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (04/10/2014 05:33:19 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/10/2014 03:07:08 PM) (Source: Bonjour Service) (User: )
Description: 548: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (04/10/2014 03:07:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
System errors:
=============
Error: (04/26/2014 08:17:17 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.173.603.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (04/10/2014 10:07:39 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.169.2070.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (04/09/2014 07:37:45 PM) (Source: DCOM) (User: )
Description: {74944725-B65F-4E37-8633-BD4DDE193921}
Error: (04/09/2014 05:53:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde nicht richtig gestartet.
Error: (04/02/2014 05:46:57 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Blackberry Device Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/01/2014 02:30:58 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/01/2014 02:30:58 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/01/2014 02:30:58 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/01/2014 02:30:58 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/01/2014 02:30:54 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Microsoft Office Sessions:
=========================
Error: (04/29/2014 04:20:43 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {deb1dc83-9239-4b63-aac1-298cc80799ad}
Error: (04/25/2014 11:24:40 AM) (Source: Application Hang)(User: )
Description: PowerDVD12.exe12.0.11175.1925a2801cf6067da62011c7C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe69f9a7f7-cc5b-11e3-8b7b-00262d9d8fa7
Error: (04/22/2014 07:24:10 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/21/2014 09:59:32 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/18/2014 03:33:44 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/11/2014 02:56:39 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(ec:35:86:c8:01:96@fe80::ee35:86ff:fec8:196._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (04/10/2014 05:33:19 PM) (Source: Bonjour Service)(User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (04/10/2014 05:33:19 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/10/2014 03:07:08 PM) (Source: Bonjour Service)(User: )
Description: 548: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (04/10/2014 03:07:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
==================== Memory info ===========================
Percentage of memory in use: 80%
Total physical RAM: 3956.5 MB
Available physical RAM: 778.62 MB
Total Pagefile: 4396.51 MB
Available Pagefile: 906.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:105.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 8E8583B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-29 21:46:11
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Samsung_ rev.DXM0 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\Silas\AppData\Local\Temp\kgloypow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002dfe000 45 bytes [60, 94, 2C, 05, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002dfe02f 16 bytes [00, 06, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000071ad1a22 2 bytes [AD, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000071ad1ad0 2 bytes [AD, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000071ad1b08 2 bytes [AD, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000071ad1bba 2 bytes [AD, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000071ad1bda 2 bytes [AD, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[2572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[2572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[1896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[1896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe[5416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe[5416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[7884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076171465 2 bytes [17, 76]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[7884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761714bb 2 bytes [17, 76]
.text ... * 2
---- EOF - GMER 2.1 ---- |