FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2013
Ran by Pelka (administrator) on 10-08-2013 16:11:11
Running from C:\Users\Pelka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\jmesoft\Service.exe
( ) C:\Windows\system32\lxeacoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Windows\jmesoft\JME_LOAD.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12850792 2011-09-05] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] - C:\Windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM\...\Run: [lxeamon.exe] - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [148280 2011-01-23] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Pelka\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-13] (Google Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [jmekey] - C:\Windows\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [LVT] - C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [IR_SERVER] - C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe [x]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Pelka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
FireFox:
========
FF ProfilePath: C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t-immersion.com/DFusionHomeWebPlugIn - C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Pelka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Pelka\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Pelka\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pelka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pelka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\ashampoo-de-customized-web-search-1.xml
FF SearchPlugin: C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\ashampoo-de-customized-web-search.xml
FF SearchPlugin: C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\gutscheinsuche.xml
FF Extension: Foxdie - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\Foxdie@tanjihay.com
FF Extension: Widevine Media Optimizer - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
FF Extension: Yahoo! Toolbar - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
FF Extension: No Name - C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
==================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-09] (Adobe Systems)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe" [x]
==================== Drivers (Whitelisted) ====================
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
S3 catchme; \??\C:\uninstall.exe\catchme.sys [x]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-10 16:08 - 2013-08-10 16:08 - 01790633 _____ (Farbar) C:\Users\Pelka\Desktop\FRST64.exe
2013-08-03 23:21 - 2013-08-03 23:23 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 10:39 - 2013-08-02 10:39 - 00000000 _____ C:\Users\Pelka\AppData\Roaming\DVAP.set
2013-08-02 10:38 - 2013-08-02 10:38 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-08-02 10:38 - 2010-05-09 10:01 - 00108032 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-07-28 15:44 - 2013-07-28 15:44 - 00000000 ____D C:\Users\Pelka\Desktop\Urlaub Theresa
2013-07-25 10:33 - 2013-08-10 16:03 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA.job
2013-07-25 10:33 - 2013-08-10 11:24 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core.job
2013-07-25 10:33 - 2013-07-25 10:33 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA
2013-07-25 10:33 - 2013-07-25 10:33 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core
2013-07-11 23:34 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 23:34 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 23:34 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 23:34 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 23:34 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 23:34 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 23:34 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 23:34 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 23:34 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 23:34 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 23:34 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 23:34 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 22:20 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:20 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 22:19 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 22:19 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 22:15 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:12 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 22:12 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
==================== One Month Modified Files and Folders =======
2013-08-10 16:11 - 2009-07-14 06:45 - 00031248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-10 16:11 - 2009-07-14 06:45 - 00031248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-10 16:09 - 2012-12-15 23:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-10 16:08 - 2013-08-10 16:08 - 01790633 _____ (Farbar) C:\Users\Pelka\Desktop\FRST64.exe
2013-08-10 16:03 - 2013-07-25 10:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA.job
2013-08-10 16:03 - 2012-12-08 21:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-10 12:31 - 2012-05-19 17:50 - 01606686 _____ C:\Windows\WindowsUpdate.log
2013-08-10 11:24 - 2013-07-25 10:33 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core.job
2013-08-10 10:07 - 2012-12-11 12:32 - 00000000 ____D C:\Users\Pelka\AppData\Roaming\Skype
2013-08-10 09:25 - 2013-01-04 18:21 - 00000000 ____D C:\Users\Pelka\AppData\Local\HTC MediaHub
2013-08-10 09:25 - 2012-12-15 23:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-10 09:25 - 2012-12-11 12:22 - 00047815 _____ C:\ProgramData\lxeascan.log
2013-08-10 09:13 - 2012-05-20 03:03 - 00763398 _____ C:\Windows\system32\perfh007.dat
2013-08-10 09:13 - 2012-05-20 03:03 - 00170534 _____ C:\Windows\system32\perfc007.dat
2013-08-10 09:13 - 2009-07-14 07:13 - 01777080 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-10 09:09 - 2013-06-02 00:06 - 00007199 _____ C:\Windows\setupact.log
2013-08-10 09:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-09 06:35 - 2013-05-10 21:59 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-08-07 23:12 - 2012-12-11 12:24 - 00000000 ____D C:\ProgramData\Lx_cats
2013-08-07 07:41 - 2012-12-08 18:29 - 00000000 ____D C:\Users\Pelka\AppData\Roaming\Mozilla
2013-08-04 14:29 - 2013-03-30 14:45 - 00000000 ____D C:\Users\Pelka\Desktop\Photoshop Thomas
2013-08-03 23:23 - 2013-08-03 23:21 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 10:39 - 2013-08-02 10:39 - 00000000 _____ C:\Users\Pelka\AppData\Roaming\DVAP.set
2013-08-02 10:39 - 2012-12-29 07:03 - 00007680 _____ C:\Users\Pelka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-02 10:38 - 2013-08-02 10:38 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-08-02 00:05 - 2012-12-08 21:28 - 00000000 ____D C:\Users\Pelka\AppData\Roaming\FileZilla
2013-07-30 23:27 - 2012-12-09 14:30 - 00000000 ___RD C:\Users\Pelka\Desktop\Masterordner
2013-07-30 23:27 - 2012-12-08 21:09 - 00000000 ___RD C:\Users\Pelka\Desktop\Website_neu
2013-07-30 19:14 - 2012-12-09 01:37 - 01846784 ___SH C:\Users\Pelka\Desktop\Thumbs.db
2013-07-28 21:14 - 2012-05-19 17:48 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-28 15:44 - 2013-07-28 15:44 - 00000000 ____D C:\Users\Pelka\Desktop\Urlaub Theresa
2013-07-25 10:33 - 2013-07-25 10:33 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA
2013-07-25 10:33 - 2013-07-25 10:33 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core
2013-07-25 10:33 - 2012-12-08 18:25 - 00000000 ____D C:\Users\Pelka\AppData\Local\Google
2013-07-20 00:19 - 2013-03-25 18:53 - 00016296 _____ C:\ProgramData\lxea.log
2013-07-17 22:00 - 2012-12-11 23:15 - 00000370 _____ C:\ProgramData\lxeaDiagnostics.log
2013-07-13 00:04 - 2012-12-15 23:04 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 00:04 - 2012-12-15 23:04 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 07:14 - 2009-07-14 06:45 - 05019936 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 07:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-11 23:37 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-02 17:31
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2013
Ran by Pelka at 2013-08-10 16:11:54
Running from C:\Users\Pelka\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.7.307)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6514.5001)
D3DX10 (x32 Version: 15.4.2368.0902)
Driver & Application Installation (x32 Version: 6.02.0316)
eaner (Version: 4.00)
ElsterFormular (x32 Version: 14.1.20130301)
Falk Navi-Manager (x32 Version: 2.16.0)
ffdshow v1.1.3425 [2010-05-08] (x32 Version: 1.1.3425.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
FilmRiss 0.1.27 (x32 Version: 0.1.27)
Free YouTube Download version 3.1.41.1201 (x32 Version: 3.1.41.1201)
Freemake Video Converter Version 3.2.1 (x32 Version: 3.2.1)
Genesys USB Mass Storage Device (x32 Version: 4.0.2.3)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.4.2.14502)
Google Update Helper (x32 Version: 1.3.21.153)
HTC Driver Installer (x32 Version: 4.2.0.001)
HTC Sync Manager (x32 Version: 2.0.61.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.0.1351)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2598)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
IPTInstaller (x32 Version: 4.0.8)
jAlbum (x32 Version: 10.10.8)
Java 7 Update 15 (x32 Version: 7.0.150)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Lenovo Assistant (x32 Version: 1.0.0.30)
Lenovo Blacksilk USB Keyboard Driver (x32 Version: V1.4.11.0608)
Lenovo Power2Go (x32 Version: 6.0.6008)
Lenovo Registration (x32 Version: 1.0.4)
Lenovo Rescue System (Version: 3.0.3810)
Lenovo Rescue System (x32 Version: 3.0.3810)
Lexmark S300-S400 Series
LVT (x32 Version: 1.01.0213)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.6)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office FrontPage 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
PDF Settings CS6 (x32 Version: 11.0)
PDFCreator (x32 Version: 1.6.0)
Pinnacle Studio 16 - Install Manager (x32 Version: 16.10.115)
PlayReady PC Runtime amd64 (Version: 1.3.0)
QuickTime (x32 Version: 7.73.80.64)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6454)
Revo Uninstaller Pro 3.0.5 (Version: 3.0.5)
Skype™ 6.0 (x32 Version: 6.0.126)
Skype™ 6.5 (x32 Version: 6.5.158)
TIPP10 Version 2.1.0 (x32)
TotalMedia Setup (x32 Version: 1.00.0000)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
WOW Slider (x32)
==================== Restore Points =========================
01-08-2013 22:05:51 Windows Update
02-08-2013 22:02:11 Windows Update
03-08-2013 21:19:27 Windows Update
04-08-2013 22:02:26 Windows Update
05-08-2013 06:57:28 Windows Update
05-08-2013 21:16:19 Windows Update
06-08-2013 21:48:52 Windows Update
07-08-2013 21:33:37 Windows Update
08-08-2013 21:14:39 Windows Update
09-08-2013 21:54:44 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-06-12 09:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {05F999F6-37C3-40C8-93B4-8CB7B68B3482} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {0CB5926A-98E4-4F79-82BF-8EB76C947B65} - System32\Tasks\{EF7690E8-75FF-40FE-B69D-8E748FB8E365} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe No File
Task: {0ECB86F1-A8D0-4EC9-A99F-7A200CEED6F6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File
Task: {1647B538-8096-424C-A470-68EF27BE0451} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {1C45385E-81EC-455D-9126-616A4A46B8E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core => C:\Users\Pelka\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {28747CA7-0211-4084-9849-F959ACA5A113} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {2CA12A14-8186-49C1-A97B-5B12134171F6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe No File
Task: {33269FAB-5BFE-4BB7-A093-A745501D52DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-15] (Google Inc.)
Task: {66BFEDFA-9E27-42BD-BFF7-2B630FBB6C86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe No File
Task: {6C56DE59-4D7B-4162-86EF-5EDCE22F9BE4} - System32\Tasks\{9196B27C-22A5-4EA5-BD9A-0A26FE92863C} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe No File
Task: {73CE2FE3-197E-4FA8-BABD-BE622442E7A8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {7896389D-02D0-45FF-9460-50C49B99E3FB} - System32\Tasks\{2EEB0D3E-5B8F-4C91-8BB8-438A05166E0B} => E:\software\setup.exe No File
Task: {867DAB3F-491B-4BCE-8572-45DB7029ABEC} - System32\Tasks\{EF55F9AC-F5A9-4FAB-9B5F-E44D58E3D736} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe No File
Task: {9B758849-D871-4D14-A06E-CD6BB41B86E9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D1C92601-8210-4108-9163-995D70E7A382} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {DBA2F9E8-023C-4E72-90A3-E8FFA714DD6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-15] (Google Inc.)
Task: {E0B801E2-504F-4482-A687-4A4CC2850F3D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA => C:\Users\Pelka\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {FA1DF074-FE10-4916-9EA9-FAB5430C25BB} - System32\Tasks\OFFICE2010ACT => C:\Windows\system32\OFFICEICON.vbs [2012-02-23] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000Core.job => C:\Users\Pelka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1042785062-2963155747-956239600-1000UA.job => C:\Users\Pelka\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/10/2013 09:10:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 06:37:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 10:40:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 06:37:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/08/2013 07:13:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/07/2013 07:15:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/06/2013 07:18:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 08:55:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/04/2013 11:33:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/03/2013 00:07:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/10/2013 09:52:18 AM) (Source: DCOM) (User: Pelka-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Pelka-PCPelkaS-1-5-21-1042785062-2963155747-956239600-1000LocalHost (unter Verwendung von LRPC)
Error: (08/10/2013 09:10:13 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/10/2013 09:09:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/10/2013 09:09:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/10/2013 09:09:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxeaCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/10/2013 09:09:14 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxeaCATSCustConnectService erreicht.
Error: (08/09/2013 11:55:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2847559)
Error: (08/09/2013 06:37:24 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/09/2013 06:36:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/09/2013 06:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (08/10/2013 09:10:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 06:37:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 10:40:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/09/2013 06:37:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/08/2013 07:13:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/07/2013 07:15:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/06/2013 07:18:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 08:55:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/04/2013 11:33:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/03/2013 00:07:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-06-12 09:18:51.067
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\uninstall.exe\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-12 09:18:51.021
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\uninstall.exe\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-09 16:07:42.417
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-09 16:07:42.367
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-09 16:05:17.991
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-09 16:05:17.921
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-08 10:47:24.030
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-08 10:47:23.983
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-07 07:41:15.726
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-07 07:41:15.633
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AVerAF35.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 3990.88 MB
Available physical RAM: 1992.24 MB
Total Pagefile: 7979.93 MB
Available Pagefile: 5828.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:906.24 GB) (Free:700.91 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6FA0DD9C)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=12)
==================== End Of Log ============================ |