Sportmaus | 16.05.2014 12:32 | Code:
OTL logfile created on: 16.05.2014 12:05:14 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\sunny\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,75 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 51,32% Memory free
7,50 Gb Paging File | 5,43 Gb Available in Paging File | 72,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 132,63 Gb Free Space | 71,23% Space Free | Partition Type: NTFS
Drive E: | 37,27 Gb Total Space | 36,48 Gb Free Space | 97,87% Space Free | Partition Type: NTFS
Drive F: | 28,64 Gb Total Space | 11,68 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Computer Name: PROBIERCOMPUTER | User Name: sunny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Users\sunny\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 1F 84 59 FA 32 CF 01 [binary data]
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\..\SearchScopes,DefaultScope = {AAC63DD9-2AFC-4FEB-9E97-F50E051621E1}
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\..\SearchScopes\{AAC63DD9-2AFC-4FEB-9E97-F50E051621E1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2014.05.06 18:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunny\AppData\Roaming\mozilla\Extensions
[2014.05.12 18:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.05.12 18:58:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [G Data ASM] C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3205923182-3546866059-566919124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89929902-5E1E-4922-9D3D-7D47822EC2AF}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe) - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe (G Data Software AG)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a8ad026c-b518-11e3-ae6e-0025226548fc}\Shell - "" = AutoRun
O33 - MountPoints2\{a8ad026c-b518-11e3-ae6e-0025226548fc}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.05.16 12:03:01 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\sunny\Desktop\OTL.exe
[2014.05.15 20:58:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2014.05.15 10:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2014.05.15 09:42:07 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.05.15 09:42:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.05.15 09:37:39 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.05.15 09:37:38 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.05.15 09:37:37 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.05.15 09:37:37 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014.05.15 09:37:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.05.15 09:37:36 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.05.15 09:37:35 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014.05.15 09:37:34 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014.05.15 09:37:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014.05.15 09:37:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014.05.15 09:37:33 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014.05.15 09:37:33 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014.05.15 09:37:33 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014.05.15 09:37:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014.05.15 09:37:33 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014.05.15 09:37:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014.05.15 09:37:33 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014.05.15 09:37:33 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014.05.15 09:37:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014.05.15 09:37:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014.05.15 09:37:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014.05.15 09:37:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014.05.15 09:37:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014.05.15 09:37:04 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.05.15 09:37:04 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.05.12 19:10:31 | 000,000,000 | ---D | C] -- C:\Users\sunny\Documents\GMER
[2014.05.12 18:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014.05.12 18:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.05.12 17:28:54 | 000,018,160 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys
[2014.05.12 17:28:51 | 000,106,272 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2014.05.08 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Local\Mozilla
[2014.05.08 14:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.05.06 18:51:30 | 000,068,608 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2014.05.06 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
[2014.05.06 18:50:44 | 000,064,000 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2014.05.06 18:50:27 | 000,065,024 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2014.05.06 18:50:23 | 000,135,168 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2014.05.06 18:50:18 | 000,057,344 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2014.05.06 18:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2014.05.06 18:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\G Data
[2014.05.06 18:16:17 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Roaming\Mozilla
[2014.05.06 17:37:24 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Local\Diagnostics
[2014.05.06 16:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2014.05.06 16:44:51 | 000,000,000 | -HSD | C] -- C:\Users\sunny\AppData\Local\EmieUserList
[2014.05.06 16:44:51 | 000,000,000 | -HSD | C] -- C:\Users\sunny\AppData\Local\EmieSiteList
[2014.05.06 14:56:29 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.04 19:16:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX
[2014.05.04 19:16:17 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Local\Canon Easy-PhotoPrint EX
[2014.05.03 16:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.05.03 16:52:56 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.05.03 16:52:49 | 000,191,400 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.05.03 16:52:49 | 000,190,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.05.03 16:52:49 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.05.03 16:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.05.02 18:07:02 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.05.02 18:06:58 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.05.02 18:06:58 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.05.02 18:06:58 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.05.02 18:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.05.02 17:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ
[2014.05.02 17:09:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2014.05.02 17:08:57 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Roaming\Canon
[2014.05.02 17:02:57 | 000,000,000 | --SD | C] -- C:\Users\sunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
[2014.05.02 16:40:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2014.05.02 16:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series Benutzerregistrierung
[2014.05.02 16:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2014.05.02 14:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2014.05.02 14:24:29 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Roaming\OpenOffice
[2014.04.29 15:26:57 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014.04.25 13:22:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
[2014.04.25 13:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014.04.25 13:17:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2014.04.17 11:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.04.17 11:40:53 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.04.17 11:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.04.17 11:40:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.04.17 11:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.04.17 11:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014.04.17 11:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014.04.17 11:33:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CatRoot2_201442313556
[2014.04.17 11:12:52 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014.04.17 11:12:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014.04.17 11:12:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014.04.17 11:12:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014.04.17 11:12:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014.04.17 11:12:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014.04.17 11:12:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014.04.17 11:12:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014.04.17 11:12:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014.04.17 11:12:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014.04.17 11:07:56 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll
[2014.04.17 11:07:56 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll
[2014.04.17 11:07:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll
[2014.04.17 11:07:56 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll
[2014.04.17 11:07:55 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll
[2014.04.17 11:07:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll
[2014.04.17 11:07:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe
[2014.04.17 11:07:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe
[2014.04.17 11:07:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll
[2014.04.17 11:07:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll
[2014.04.17 11:07:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll
[2014.04.17 11:07:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll
[2014.04.17 11:00:28 | 000,000,000 | ---D | C] -- C:\inetpub
[2014.04.17 11:00:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2014.04.17 10:46:43 | 000,000,000 | ---D | C] -- C:\Users\sunny\AppData\Local\ElevatedDiagnostics
[2014.04.17 10:46:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014.04.16 18:18:07 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
========== Files - Modified Within 30 Days ==========
[2014.05.16 12:04:42 | 001,840,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.16 12:04:42 | 000,786,722 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.05.16 12:04:42 | 000,726,456 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.16 12:04:42 | 000,180,824 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.05.16 12:04:42 | 000,146,994 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.16 12:04:17 | 000,020,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.16 12:04:16 | 000,020,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.16 11:55:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.16 11:54:57 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.15 21:11:33 | 000,006,758 | ---- | M] () -- C:\Users\sunny\Documents\cc_20140515_211127.reg
[2014.05.15 11:11:42 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2014.05.15 10:36:53 | 000,000,023 | ---- | M] () -- C:\Windows\SysWow64\CleanGenius3Free.dll
[2014.05.12 19:09:30 | 000,380,416 | ---- | M] () -- C:\Users\sunny\Desktop\Gmer-19357.exe
[2014.05.12 18:58:16 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.05.12 17:29:28 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.12 17:28:54 | 000,018,160 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys
[2014.05.12 17:28:51 | 000,106,272 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2014.05.09 08:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.05.09 08:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.05.08 12:08:46 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job
[2014.05.06 19:02:11 | 000,103,434 | ---- | M] () -- C:\Users\sunny\Documents\cc_20140506_190204.reg
[2014.05.06 18:51:30 | 000,068,608 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2014.05.06 18:51:23 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk
[2014.05.06 18:50:44 | 000,064,000 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2014.05.06 18:50:27 | 000,065,024 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2014.05.06 18:50:23 | 000,135,168 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2014.05.06 18:50:18 | 000,057,344 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2014.05.06 05:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.05.06 04:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.05.03 16:52:41 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.05.03 16:52:38 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.05.03 16:52:38 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.05.03 16:52:38 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.05.03 15:20:39 | 000,295,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.05.02 17:02:57 | 000,001,188 | ---- | M] () -- C:\Users\sunny\Desktop\OpenOffice 4.1.0.lnk
[2014.05.02 16:35:46 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2014.05.02 14:49:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.05.02 14:18:34 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.02 14:18:34 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.25 13:22:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014.04.17 11:41:02 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.04.17 11:03:42 | 001,726,076 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.04.16 18:14:54 | 000,000,034 | ---- | M] () -- C:\Windows\cdplayer.ini
[2014.04.16 18:12:46 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014.04.16 18:08:34 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
========== Files Created - No Company Name ==========
[2014.05.15 21:11:29 | 000,006,758 | ---- | C] () -- C:\Users\sunny\Documents\cc_20140515_211127.reg
[2014.05.15 11:11:42 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2014.05.15 10:36:53 | 000,000,023 | ---- | C] () -- C:\Windows\SysWow64\CleanGenius3Free.dll
[2014.05.12 19:09:27 | 000,380,416 | ---- | C] () -- C:\Users\sunny\Desktop\Gmer-19357.exe
[2014.05.12 18:58:16 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.05.06 19:02:07 | 000,103,434 | ---- | C] () -- C:\Users\sunny\Documents\cc_20140506_190204.reg
[2014.05.06 18:51:23 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk
[2014.05.02 17:02:57 | 000,001,188 | ---- | C] () -- C:\Users\sunny\Desktop\OpenOffice 4.1.0.lnk
[2014.04.25 13:22:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014.04.17 11:41:02 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.04.16 18:10:25 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job
[2014.04.16 18:08:35 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014.04.16 18:06:34 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2014.04.16 18:03:16 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.02.26 18:25:34 | 001,726,076 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== LOP Check ==========
[2014.05.08 12:08:46 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job
[2009.07.14 07:08:49 | 000,027,846 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by sunny at 2014-05-16 13:29:39
Running from C:\Users\sunny\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
==================== Restore Points =========================
17-04-2014 09:39:38 Installed iTunes
23-04-2014 11:54:23 Installed Microsoft Fix it 50528
25-04-2014 11:17:09 DCInstallRestorePoint
29-04-2014 13:26:25 Windows Update
02-05-2014 11:43:57 Windows Update
02-05-2014 15:01:03 OpenOffice 4.1.0 wird installiert
02-05-2014 16:05:51 Installed Java 7 Update 55
03-05-2014 14:52:10 Installed Java 8 Update 5 (64-bit)
08-05-2014 10:15:59 Windows Update
12-05-2014 15:30:42 Windows Update
15-05-2014 07:38:11 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {2E929C44-60DF-49FD-8A2F-EE18F53BE892} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {4883D3C9-8B68-4D75-9A1A-06D302592516} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4EEFD061-6B41-4462-9921-8A6DF5AE011A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {4F03DBAF-499F-44CD-9BF1-AE210C98D446} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7056ED80-E995-4BCE-A364-1DD5422F5551} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D03515FC-7E65-444C-B31D-BF5869C479AD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F65019D1-3D44-4591-8708-E3A3F774F300} - System32\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A} => C:\Program Files\V-bates\PrefHelper.exe
Task: {FE5ADB97-EB02-4E05-962B-FD4FA9C0A43E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: C:\Windows\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job => C:\Program Files\V-bates\PrefHelper.exe
==================== Loaded Modules (whitelisted) =============
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-05-12 18:58 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-02 14:18 - 2014-05-02 14:18 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/16/2014 01:12:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/16/2014 01:12:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/16/2014 01:12:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/16/2014 01:11:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/16/2014 00:18:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/16/2014 11:56:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2014 08:28:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (05/16/2014 00:18:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/16/2014 00:18:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Pipe-Listeneradapter erreicht.
Error: (05/16/2014 00:17:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.05.2014 um 12:14:06 unerwartet heruntergefahren.
Error: (05/16/2014 00:03:36 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error: (05/16/2014 00:02:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (05/16/2014 00:02:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (05/16/2014 00:02:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (05/16/2014 00:02:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (05/16/2014 00:02:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (05/15/2014 10:55:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (05/16/2014 01:12:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sunny\Desktop\esetsmartinstaller_deu.exe
Error: (05/16/2014 01:12:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sunny\Desktop\esetsmartinstaller_deu.exe
Error: (05/16/2014 01:12:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sunny\Desktop\esetsmartinstaller_deu.exe
Error: (05/16/2014 01:11:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sunny\Desktop\esetsmartinstaller_deu.exe
Error: (05/16/2014 00:18:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/16/2014 11:56:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2014 08:28:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/15/2014 10:55:30 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 3839.3 MB
Available physical RAM: 2405.55 MB
Total Pagefile: 7676.79 MB
Available Pagefile: 5831.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:186.21 GB) (Free:132.55 GB) NTFS
Drive e: (Volume) (Fixed) (Total:37.27 GB) (Free:36.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 37 GB) (Disk ID: 6D456D45)
Partition 1: (Not Active) - (Size=37 GB) - (Type=42)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: B1DFB1DF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by sunny (administrator) on PROBIERCOMPUTER on 16-05-2014 13:28:29
Running from C:\Users\sunny\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-21-3205923182-3546866059-566919124-1000\...\MountPoints2: {a8ad026c-b518-11e3-ae6e-0025226548fc} - F:\LaunchU3.exe -a
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8A1F8459FA32CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\sunny\AppData\Roaming\Mozilla\Firefox\Profiles\j3odcmuk.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-06] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-05-06] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-05-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-05-06] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-12] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-05-06] (G Data Software AG)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-16 13:28 - 2014-05-16 13:28 - 00008443 _____ () C:\Users\sunny\Desktop\FRST.txt
2014-05-16 13:28 - 2014-05-16 13:28 - 00000000 ____D () C:\FRST
2014-05-16 13:26 - 2014-05-16 13:26 - 02067456 _____ (Farbar) C:\Users\sunny\Desktop\FRST64.exe
2014-05-16 13:12 - 2014-05-16 13:12 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 12:45 - 2014-05-16 12:45 - 00013703 _____ () C:\Users\sunny\Documents\Medikamentenliste 16052014.odt
2014-05-16 12:40 - 2014-05-16 12:40 - 00012011 _____ () C:\Users\sunny\Documents\Reaktionen auf...16052014.odt
2014-05-16 12:37 - 2014-05-16 12:38 - 00014263 _____ () C:\Users\sunny\Documents\OP-Liste 16052014.odt
2014-05-16 12:12 - 2014-05-16 12:24 - 00018073 _____ () C:\Users\sunny\Documents\Arztliste Erika 16052014.odt
2014-05-16 12:12 - 2014-05-16 12:12 - 00034384 _____ () C:\Users\sunny\Desktop\Extras.Txt
2014-05-16 12:11 - 2014-05-16 12:11 - 00071648 _____ () C:\Users\sunny\Desktop\OTL.Txt
2014-05-16 12:03 - 2012-09-01 15:34 - 00598528 _____ (OldTimer Tools) C:\Users\sunny\Desktop\OTL.exe
2014-05-16 11:55 - 2014-05-16 12:17 - 00000112 _____ () C:\Windows\setupact.log
2014-05-16 11:55 - 2014-05-16 11:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-15 21:11 - 2014-05-15 21:11 - 00006758 _____ () C:\Users\sunny\Documents\cc_20140515_211127.reg
2014-05-15 20:58 - 2014-05-15 20:58 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-05-15 11:13 - 2014-05-15 11:13 - 00001986 _____ () C:\Users\sunny\Documents\Quickscan 15.05.2014.log
2014-05-15 11:11 - 2014-05-15 11:11 - 00001724 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-05-15 10:36 - 2014-05-15 10:36 - 00000023 _____ () C:\Windows\SysWOW64\CleanGenius3Free.dll
2014-05-15 10:31 - 2014-05-15 11:11 - 00000000 ____D () C:\Program Files\Defraggler
2014-05-15 09:42 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 09:42 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 09:42 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 09:42 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 09:42 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 09:42 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 09:37 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 09:37 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 09:37 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 09:37 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 09:37 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 09:37 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 09:37 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 09:37 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 09:37 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 09:37 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 09:37 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 09:37 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 09:37 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 09:37 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 09:37 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 09:37 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 09:37 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 09:37 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 09:37 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 09:37 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 09:37 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 09:37 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 09:37 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:10 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\sunny\Documents\GMER
2014-05-12 19:09 - 2014-05-12 19:09 - 00380416 _____ () C:\Users\sunny\Desktop\Gmer-19357.exe
2014-05-12 18:58 - 2014-05-12 18:58 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 18:58 - 2014-05-12 18:58 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-12 18:58 - 2014-05-12 18:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 18:56 - 2014-05-12 18:56 - 00283144 _____ (Mozilla) C:\Users\sunny\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-12 17:28 - 2014-05-12 17:28 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-05-12 17:28 - 2014-05-12 17:28 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-05-08 15:20 - 2014-05-08 15:20 - 00198051 _____ () C:\Users\sunny\Downloads\bookmarks-08.05.2014.html
2014-05-08 14:25 - 2014-05-12 18:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 14:25 - 2014-05-08 14:25 - 00000000 ____D () C:\Users\sunny\AppData\Local\Mozilla
2014-05-06 19:02 - 2014-05-06 19:02 - 00103434 _____ () C:\Users\sunny\Documents\cc_20140506_190204.reg
2014-05-06 18:51 - 2014-05-06 18:51 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-05-06 18:51 - 2014-05-06 18:51 - 00002050 _____ () C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk
2014-05-06 18:51 - 2014-05-06 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-05-06 18:50 - 2014-05-06 18:50 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-05-06 18:47 - 2014-05-06 18:59 - 00000000 ____D () C:\ProgramData\G Data
2014-05-06 18:47 - 2014-05-06 18:47 - 00000000 ____D () C:\Program Files (x86)\G Data
2014-05-06 18:16 - 2014-05-08 14:25 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\Mozilla
2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 __SHD () C:\Users\sunny\AppData\Local\EmieUserList
2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 __SHD () C:\Users\sunny\AppData\Local\EmieSiteList
2014-05-06 14:56 - 2014-05-12 17:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 19:16 - 2014-05-04 19:41 - 00000000 ____D () C:\Users\sunny\AppData\Local\Canon Easy-PhotoPrint EX
2014-05-04 19:16 - 2014-05-04 19:16 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX
2014-05-03 16:52 - 2014-05-03 16:52 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-03 16:52 - 2014-05-03 16:52 - 00000000 ____D () C:\Program Files\Java
2014-05-03 16:50 - 2014-05-03 16:51 - 34131368 _____ (Oracle Corporation) C:\Users\sunny\Downloads\jre-8u5-windows-x64.exe
2014-05-02 18:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-02 18:06 - 2014-05-03 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-02 18:06 - 2014-05-02 18:06 - 00004328 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-02 18:06 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-02 18:06 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-02 18:06 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-02 17:12 - 2014-05-02 17:12 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-05-02 17:09 - 2014-05-02 17:09 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-05-02 17:08 - 2014-05-04 19:19 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\Canon
2014-05-02 17:02 - 2014-05-02 17:03 - 00000000 ___SD () C:\Users\sunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-02 17:02 - 2014-05-02 17:02 - 00001188 _____ () C:\Users\sunny\Desktop\OpenOffice 4.1.0.lnk
2014-05-02 16:56 - 2014-05-02 16:56 - 00000000 ____D () C:\Users\sunny\Downloads\OpenOffice 4.1.0 (de) Installation Files
2014-05-02 16:40 - 2014-05-02 16:40 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-02 16:37 - 2014-05-02 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series Benutzerregistrierung
2014-05-02 16:36 - 2014-05-02 16:36 - 00011350 _____ () C:\Users\sunny\Documents\Norwegengrundausrüstung.xlsx
2014-05-02 16:35 - 2014-05-02 16:35 - 00028672 _____ () C:\Users\sunny\Documents\Einkaufzettel 2014 97 6 Personen.xls
2014-05-02 16:34 - 2014-05-02 16:34 - 00000000 ____D () C:\Program Files\Canon
2014-05-02 15:48 - 2014-05-02 15:57 - 164962843 _____ () C:\Users\sunny\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_de.exe
2014-05-02 14:55 - 2014-05-02 15:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-02 14:36 - 2014-05-02 14:36 - 04745984 _____ (Piriform Ltd) C:\Users\sunny\Downloads\ccsetup413.exe
2014-05-02 14:24 - 2014-05-02 14:24 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\OpenOffice
2014-04-29 15:26 - 2014-05-15 09:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 13:22 - 2014-04-25 13:22 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-04-25 13:21 - 2014-05-15 20:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-25 13:12 - 2014-04-25 13:14 - 50284752 _____ (Microsoft Corporation) C:\Users\sunny\Downloads\MouseKeyboardCenter_64bit_DEU_2.3.188.exe
2014-04-17 11:41 - 2014-04-17 11:41 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-17 11:41 - 2014-04-17 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\Program Files\iTunes
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-17 11:40 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-17 11:39 - 2014-04-17 11:39 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-17 11:39 - 2014-04-17 11:39 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-17 11:33 - 2014-04-17 11:36 - 00000000 ____D () C:\Windows\system32\CatRoot2_201442313556
2014-04-17 11:14 - 2014-04-17 11:14 - 00673280 _____ () C:\Users\sunny\Downloads\MicrosoftFixit50528.msi
2014-04-17 11:12 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 11:12 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 11:12 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 11:12 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 11:12 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 11:12 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 11:12 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 11:12 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 11:12 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 11:12 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 11:12 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 11:07 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-04-17 11:07 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-04-17 11:07 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-04-17 11:07 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-04-17 11:07 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-04-17 11:07 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-04-17 11:07 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-04-17 11:07 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-04-17 11:07 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-04-17 11:07 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-04-17 11:07 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-04-17 11:07 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-04-17 11:00 - 2014-04-17 11:00 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-17 11:00 - 2014-04-17 11:00 - 00000000 ____D () C:\inetpub
2014-04-16 18:18 - 2014-04-16 18:18 - 00000000 ____D () C:\Windows\CheckSur
2014-04-16 18:10 - 2014-05-08 12:08 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job
2014-04-16 18:10 - 2014-05-06 18:58 - 00003262 _____ () C:\Windows\System32\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}
2014-04-16 18:08 - 2014-04-16 18:12 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-04-16 18:06 - 2014-04-16 18:14 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-16 18:03 - 2014-04-16 18:08 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 17:44 - 2014-04-16 18:07 - 470051719 _____ () C:\Users\sunny\Downloads\Windows6.1-KB947821-v32-x64.msu
==================== One Month Modified Files and Folders =======
2014-05-16 13:28 - 2014-05-16 13:28 - 00008443 _____ () C:\Users\sunny\Desktop\FRST.txt
2014-05-16 13:28 - 2014-05-16 13:28 - 00000000 ____D () C:\FRST
2014-05-16 13:26 - 2014-05-16 13:26 - 02067456 _____ (Farbar) C:\Users\sunny\Desktop\FRST64.exe
2014-05-16 13:12 - 2014-05-16 13:12 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 12:45 - 2014-05-16 12:45 - 00013703 _____ () C:\Users\sunny\Documents\Medikamentenliste 16052014.odt
2014-05-16 12:40 - 2014-05-16 12:40 - 00012011 _____ () C:\Users\sunny\Documents\Reaktionen auf...16052014.odt
2014-05-16 12:38 - 2014-05-16 12:37 - 00014263 _____ () C:\Users\sunny\Documents\OP-Liste 16052014.odt
2014-05-16 12:25 - 2009-07-14 06:45 - 00020272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 12:25 - 2009-07-14 06:45 - 00020272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 12:24 - 2014-05-16 12:12 - 00018073 _____ () C:\Users\sunny\Documents\Arztliste Erika 16052014.odt
2014-05-16 12:21 - 2014-02-26 15:35 - 01393567 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 12:17 - 2014-05-16 11:55 - 00000112 _____ () C:\Windows\setupact.log
2014-05-16 12:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 12:12 - 2014-05-16 12:12 - 00034384 _____ () C:\Users\sunny\Desktop\Extras.Txt
2014-05-16 12:11 - 2014-05-16 12:11 - 00071648 _____ () C:\Users\sunny\Desktop\OTL.Txt
2014-05-16 12:11 - 2011-04-12 09:43 - 00786722 _____ () C:\Windows\system32\perfh007.dat
2014-05-16 12:11 - 2011-04-12 09:43 - 00180824 _____ () C:\Windows\system32\perfc007.dat
2014-05-16 12:11 - 2009-07-14 07:13 - 01840484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 11:55 - 2014-05-16 11:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-15 21:11 - 2014-05-15 21:11 - 00006758 _____ () C:\Users\sunny\Documents\cc_20140515_211127.reg
2014-05-15 20:58 - 2014-05-15 20:58 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-05-15 20:52 - 2014-02-26 15:41 - 00000000 ____D () C:\Users\sunny
2014-05-15 20:43 - 2014-04-25 13:21 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-15 11:13 - 2014-05-15 11:13 - 00001986 _____ () C:\Users\sunny\Documents\Quickscan 15.05.2014.log
2014-05-15 11:12 - 2014-05-12 19:10 - 00000000 ____D () C:\Users\sunny\Documents\GMER
2014-05-15 11:11 - 2014-05-15 11:11 - 00001724 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-05-15 11:11 - 2014-05-15 10:31 - 00000000 ____D () C:\Program Files\Defraggler
2014-05-15 10:56 - 2014-02-26 15:42 - 00000000 ___RD () C:\Users\sunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 10:56 - 2014-02-26 15:42 - 00000000 ___RD () C:\Users\sunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 10:36 - 2014-05-15 10:36 - 00000023 _____ () C:\Windows\SysWOW64\CleanGenius3Free.dll
2014-05-15 09:43 - 2014-04-29 15:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 09:41 - 2014-02-27 16:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 09:40 - 2014-02-27 16:04 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:09 - 2014-05-12 19:09 - 00380416 _____ () C:\Users\sunny\Desktop\Gmer-19357.exe
2014-05-12 18:58 - 2014-05-12 18:58 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 18:58 - 2014-05-12 18:58 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-12 18:58 - 2014-05-12 18:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 18:58 - 2014-05-08 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 18:56 - 2014-05-12 18:56 - 00283144 _____ (Mozilla) C:\Users\sunny\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-12 17:29 - 2014-05-06 14:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-12 17:28 - 2014-05-12 17:28 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-05-12 17:28 - 2014-05-12 17:28 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-05-12 10:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-09 08:14 - 2014-05-15 09:37 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 09:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:20 - 2014-05-08 15:20 - 00198051 _____ () C:\Users\sunny\Downloads\bookmarks-08.05.2014.html
2014-05-08 14:25 - 2014-05-08 14:25 - 00000000 ____D () C:\Users\sunny\AppData\Local\Mozilla
2014-05-08 14:25 - 2014-05-06 18:16 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\Mozilla
2014-05-08 12:08 - 2014-04-16 18:10 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}.job
2014-05-06 19:02 - 2014-05-06 19:02 - 00103434 _____ () C:\Users\sunny\Documents\cc_20140506_190204.reg
2014-05-06 18:59 - 2014-05-06 18:47 - 00000000 ____D () C:\ProgramData\G Data
2014-05-06 18:58 - 2014-04-16 18:10 - 00003262 _____ () C:\Windows\System32\Tasks\FF Watcher {9036F269-E2BC-4454-8362-1AB1A3FBAA4A}
2014-05-06 18:58 - 2014-04-05 14:56 - 00000000 ____D () C:\Windows\pss
2014-05-06 18:58 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-06 18:51 - 2014-05-06 18:51 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-05-06 18:51 - 2014-05-06 18:51 - 00002050 _____ () C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk
2014-05-06 18:51 - 2014-05-06 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-05-06 18:50 - 2014-05-06 18:50 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-05-06 18:50 - 2014-05-06 18:50 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-05-06 18:47 - 2014-05-06 18:47 - 00000000 ____D () C:\Program Files (x86)\G Data
2014-05-06 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-06 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-06 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-05-06 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-05-06 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-06 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 __SHD () C:\Users\sunny\AppData\Local\EmieUserList
2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 __SHD () C:\Users\sunny\AppData\Local\EmieSiteList
2014-05-06 06:40 - 2014-05-15 09:42 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 09:42 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 09:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 09:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 19:41 - 2014-05-04 19:16 - 00000000 ____D () C:\Users\sunny\AppData\Local\Canon Easy-PhotoPrint EX
2014-05-04 19:36 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-04 19:21 - 2014-03-26 19:35 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-04 19:19 - 2014-05-02 17:08 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\Canon
2014-05-04 19:16 - 2014-05-04 19:16 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX
2014-05-03 16:52 - 2014-05-03 16:52 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-03 16:52 - 2014-05-03 16:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-03 16:52 - 2014-05-03 16:52 - 00000000 ____D () C:\Program Files\Java
2014-05-03 16:52 - 2014-05-02 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-03 16:51 - 2014-05-03 16:50 - 34131368 _____ (Oracle Corporation) C:\Users\sunny\Downloads\jre-8u5-windows-x64.exe
2014-05-03 15:20 - 2009-07-14 06:45 - 00295440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-02 18:11 - 2014-03-19 14:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-02 18:06 - 2014-05-02 18:06 - 00004328 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-02 18:06 - 2014-03-19 14:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-02 17:12 - 2014-05-02 17:12 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-05-02 17:09 - 2014-05-02 17:09 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-05-02 17:08 - 2014-02-27 17:40 - 00064416 _____ () C:\Users\sunny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 17:03 - 2014-05-02 17:02 - 00000000 ___SD () C:\Users\sunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-02 17:03 - 2014-04-15 13:48 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-02 17:02 - 2014-05-02 17:02 - 00001188 _____ () C:\Users\sunny\Desktop\OpenOffice 4.1.0.lnk
2014-05-02 16:56 - 2014-05-02 16:56 - 00000000 ____D () C:\Users\sunny\Downloads\OpenOffice 4.1.0 (de) Installation Files
2014-05-02 16:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-02 16:42 - 2014-03-26 19:30 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-02 16:40 - 2014-05-02 16:40 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-02 16:37 - 2014-05-02 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series Benutzerregistrierung
2014-05-02 16:36 - 2014-05-02 16:36 - 00011350 _____ () C:\Users\sunny\Documents\Norwegengrundausrüstung.xlsx
2014-05-02 16:35 - 2014-05-02 16:35 - 00028672 _____ () C:\Users\sunny\Documents\Einkaufzettel 2014 97 6 Personen.xls
2014-05-02 16:35 - 2014-03-26 19:32 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-05-02 16:35 - 2014-03-26 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-02 16:34 - 2014-05-02 16:34 - 00000000 ____D () C:\Program Files\Canon
2014-05-02 15:57 - 2014-05-02 15:48 - 164962843 _____ () C:\Users\sunny\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_de.exe
2014-05-02 15:42 - 2014-05-02 14:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-02 14:49 - 2014-02-26 16:06 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-02 14:49 - 2014-02-26 16:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-02 14:36 - 2014-05-02 14:36 - 04745984 _____ (Piriform Ltd) C:\Users\sunny\Downloads\ccsetup413.exe
2014-05-02 14:32 - 2014-03-03 19:49 - 00000000 ____D () C:\Users\sunny\AppData\Local\Adobe
2014-05-02 14:24 - 2014-05-02 14:24 - 00000000 ____D () C:\Users\sunny\AppData\Roaming\OpenOffice
2014-05-02 14:18 - 2014-02-26 16:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 14:18 - 2014-02-26 16:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 13:22 - 2014-04-25 13:22 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-04-25 13:14 - 2014-04-25 13:12 - 50284752 _____ (Microsoft Corporation) C:\Users\sunny\Downloads\MouseKeyboardCenter_64bit_DEU_2.3.188.exe
2014-04-17 11:41 - 2014-04-17 11:41 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-17 11:41 - 2014-04-17 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\Program Files\iTunes
2014-04-17 11:40 - 2014-04-17 11:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-17 11:39 - 2014-04-17 11:39 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-17 11:39 - 2014-04-17 11:39 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-17 11:36 - 2014-04-17 11:33 - 00000000 ____D () C:\Windows\system32\CatRoot2_201442313556
2014-04-17 11:31 - 2014-02-26 15:41 - 00000000 ____D () C:\Users\sunny\AppData\Local\VirtualStore
2014-04-17 11:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-17 11:14 - 2014-04-17 11:14 - 00673280 _____ () C:\Users\sunny\Downloads\MicrosoftFixit50528.msi
2014-04-17 11:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\CatRoot2_2014417111510
2014-04-17 11:03 - 2014-02-26 18:25 - 01726076 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-17 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-04-17 11:00 - 2014-04-17 11:00 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-17 11:00 - 2014-04-17 11:00 - 00000000 ____D () C:\inetpub
2014-04-17 11:00 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-17 11:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-04-17 11:00 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-17 11:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 18:18 - 2014-04-16 18:18 - 00000000 ____D () C:\Windows\CheckSur
2014-04-16 18:14 - 2014-04-16 18:06 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-16 18:12 - 2014-04-16 18:08 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-04-16 18:08 - 2014-04-16 18:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 18:07 - 2014-04-16 17:44 - 470051719 _____ () C:\Users\sunny\Downloads\Windows6.1-KB947821-v32-x64.msu
2014-04-16 18:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-16 18:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2014-05-15 09:37] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-12 12:46
==================== End Of Log ============================