next one: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 8 x64
Ran by Sandra on 29.08.2013 at 14:37:12,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\datamngr"
Failed to delete: [Folder] "C:\ProgramData\wincert"
Failed to delete: [Folder] "C:\Program Files (x86)\movies toolbar"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.08.2013 at 14:44:30,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und hier die letzten zwei:
mei, vielen vielen vielen dank!!! :-)
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Sandra (administrator) on 29-08-2013 14:54:39
Running from C:\Users\Sandra\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee\VirusScan\mcods.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-05] ()
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-04] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
AppInit_DLLs: [0 ] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {559FBB58-28EC-4CD2-B5E8-25F8A2D87047} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {559FBB58-28EC-4CD2-B5E8-25F8A2D87047} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {559FBB58-28EC-4CD2-B5E8-25F8A2D87047} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {559FBB58-28EC-4CD2-B5E8-25F8A2D87047} URL =
SearchScopes: HKCU - {559FBB58-28EC-4CD2-B5E8-25F8A2D87047} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: HKLM-x32 {5852F5ED-8BF4-11D4-A245-0080C6F74284} hxxp://javadl-esd.oracle.com/update/1.6.0/jinstall-6u20-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\fhqqeuge.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-29] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [811064 2013-07-29] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-27] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-04] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-29] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-07-29] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83672 2013-07-29] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
R3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-04] (Dritek System Inc.)
U3 mfeavfk01; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-29 14:44 - 2013-08-29 14:44 - 00000854 _____ C:\Users\Sandra\Desktop\JRT.txt
2013-08-29 14:37 - 2013-08-29 14:37 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 14:36 - 2013-08-29 14:36 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT (1).exe
2013-08-29 14:23 - 2013-08-29 14:23 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT.exe
2013-08-29 14:20 - 2013-08-29 14:23 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT_exe
2013-08-29 13:16 - 2013-08-29 13:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-29 13:08 - 2013-08-29 13:12 - 00000000 ____D C:\AdwCleaner
2013-08-29 12:44 - 2013-08-29 12:44 - 00994642 _____ C:\Users\Sandra\Desktop\adwcleaner.exe
2013-08-29 12:26 - 2013-08-29 12:26 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Malwarebytes
2013-08-29 12:25 - 2013-08-29 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 12:25 - 2013-08-29 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 12:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-29 12:24 - 2013-08-29 12:24 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sandra\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-26 00:51 - 2013-08-26 00:51 - 00000000 ____D C:\FRST
2013-08-25 15:05 - 2013-08-25 15:05 - 00050477 _____ C:\Users\Sandra\Desktop\Defogger.exe
2013-08-19 11:24 - 2013-08-19 11:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 10:15 - 2013-08-19 10:16 - 00014848 ___SH C:\Users\Sandra\Desktop\Thumbs.db
2013-08-16 23:43 - 2013-08-17 00:01 - 00000000 ____D C:\Users\Sandra\Documents\Hochzeit Susanne u. Johannes
2013-08-16 23:43 - 2013-08-16 23:43 - 00000000 ____D C:\Users\Sandra\AppData\Local\clear.fi
2013-08-16 21:02 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 21:02 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 21:02 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 21:01 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 21:01 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 21:01 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-16 21:01 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-16 21:01 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 21:01 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 21:01 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 21:01 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 21:01 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 21:01 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 21:01 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 21:01 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 21:01 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 21:01 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 21:01 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 21:01 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-16 21:01 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-16 21:01 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-16 21:00 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 21:00 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 20:59 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 20:59 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 20:59 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 20:59 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-16 20:59 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-16 20:59 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 20:59 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 20:59 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-16 20:59 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-13 12:36 - 2013-08-13 12:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-08-13 09:20 - 2013-08-13 09:20 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-13 09:19 - 2013-08-13 09:20 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-13 09:13 - 2013-08-29 12:40 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\DVDVideoSoft
2013-08-13 09:12 - 2013-08-13 09:12 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Sandra\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe
2013-08-10 19:06 - 2013-08-16 23:42 - 00000000 ____D C:\Users\Sandra\AppData\Local\Deployment
2013-08-10 19:06 - 2013-08-10 19:06 - 00000000 ____D C:\Users\Sandra\AppData\Local\Apps\2.0
2013-08-10 18:54 - 2013-08-10 18:54 - 00427328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 18:43 - 2013-08-10 18:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-08-10 18:42 - 2013-08-10 18:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2013-08-10 18:41 - 2013-08-10 18:41 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-10 18:39 - 2013-08-10 18:39 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-10 18:39 - 2013-08-10 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-10 18:38 - 2013-08-10 18:38 - 00000000 __RHD C:\MSOCache
2013-08-10 18:35 - 2013-08-10 18:36 - 00000000 ____D C:\Office
2013-08-10 14:55 - 2013-08-10 17:43 - 264821640 _____ C:\Users\Sandra\Downloads\EnterWW.cab
2013-08-10 11:57 - 2013-08-29 13:12 - 00000000 ____D C:\ProgramData\Datamngr
2013-08-10 11:57 - 2013-08-10 11:57 - 00000000 ____D C:\ProgramData\Wincert
2013-08-10 11:57 - 2013-08-10 11:57 - 00000000 ____D C:\Program Files (x86)\Movies Toolbar
2013-08-08 21:40 - 2013-08-19 10:22 - 00000000 ____D C:\Windows\system32\MRT
2013-08-08 21:07 - 2013-08-10 18:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-08 21:07 - 2013-08-08 21:07 - 00000000 ____D C:\Users\Sandra\AppData\Local\Microsoft Help
2013-08-08 11:41 - 2013-08-08 11:41 - 00000000 ____D C:\Users\Sandra\AppData\Local\Macromedia
2013-08-08 11:39 - 2013-08-08 11:41 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe
2013-08-07 22:39 - 2013-08-07 22:39 - 00000783 _____ C:\Windows\ie8_main.log
2013-08-07 20:59 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-07 20:59 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-08-07 20:58 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-08-07 20:58 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-08-07 20:58 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-07 20:58 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-08-07 20:58 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-08-07 20:58 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-07 20:58 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-08-07 20:58 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-08-07 20:58 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-07 20:58 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-08-07 20:58 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-08-07 20:58 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-08-07 20:58 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-08-07 20:58 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-08-07 20:58 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-08-07 20:58 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-08-07 20:58 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-07 20:58 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-08-07 20:58 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-08-07 20:58 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-08-07 20:58 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-08-07 20:58 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-08-07 20:58 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-08-07 20:58 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-08-07 20:58 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-08-07 20:58 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-08-07 20:58 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-08-07 20:58 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-08-07 20:58 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-08-07 20:58 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-08-07 20:58 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-08-07 20:58 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-08-07 20:48 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-08-07 20:48 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-08-07 20:48 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-08-07 20:48 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2013-08-07 20:48 - 2012-11-08 06:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-08-07 20:48 - 2012-11-08 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-08-07 20:48 - 2012-11-08 06:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-07 20:48 - 2012-11-08 06:22 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-08-07 20:48 - 2012-11-08 06:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-08-07 20:48 - 2012-11-08 06:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-07 20:47 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2013-08-07 20:47 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-08-07 20:47 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-08-07 20:47 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-07 20:47 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-08-07 20:47 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-08-07 20:47 - 2012-11-27 06:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-08-07 20:47 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-08-07 20:47 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-08-07 20:47 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-08-07 20:47 - 2012-11-27 06:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-07 20:47 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2013-08-07 20:47 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-08-07 20:47 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2013-08-07 20:47 - 2012-11-27 06:19 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-08-07 20:47 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2013-08-07 20:47 - 2012-11-27 06:18 - 01071104 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-08-07 20:47 - 2012-11-27 06:18 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-08-07 20:47 - 2012-11-27 06:18 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-08-07 20:47 - 2012-11-27 06:17 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-08-07 20:47 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2013-08-07 20:47 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2013-08-07 20:46 - 2012-12-04 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-08-07 20:45 - 2012-11-06 09:52 - 00277736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-08-07 20:45 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-08-07 20:45 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-08-07 20:45 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-08-07 20:45 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-08-07 20:45 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-08-07 20:45 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-08-07 20:45 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-08-07 20:45 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-08-07 20:45 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2013-08-07 20:45 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 00976384 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-08-07 20:45 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-08-07 20:45 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-08-07 20:45 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-08-07 20:45 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2013-08-07 20:45 - 2012-11-06 05:53 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-08-07 20:45 - 2012-11-06 05:51 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-07 20:44 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-08-07 20:44 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-08-07 20:44 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-08-07 20:44 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-08-07 20:44 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2013-08-07 20:44 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2013-08-07 20:44 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2013-08-07 20:44 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2013-08-07 20:44 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2013-08-05 18:59 - 2013-08-05 18:59 - 00015360 ___SH C:\Users\Sandra\Downloads\Thumbs.db
2013-08-03 11:01 - 2013-08-03 11:01 - 00000000 ____D C:\Users\Sandra\AppData\Local\Mozilla
2013-08-03 10:59 - 2013-08-24 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-03 10:59 - 2013-08-03 10:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-03 10:59 - 2013-08-03 10:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-03 10:55 - 2013-08-03 10:56 - 00003542 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-30 13:29 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-30 13:14 - 2013-06-28 00:04 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-30 13:14 - 2013-06-28 00:04 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-30 12:20 - 2013-08-03 10:55 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-30 11:39 - 2013-08-19 10:20 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== One Month Modified Files and Folders =======
2013-08-29 14:53 - 2013-08-29 14:53 - 01579080 _____ (Farbar) C:\Users\Sandra\Desktop\FRST64.exe
2013-08-29 14:50 - 2013-07-27 19:57 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-670448937-171419631-3567303464-1001
2013-08-29 14:48 - 2013-07-27 19:50 - 01422480 _____ C:\Windows\WindowsUpdate.log
2013-08-29 14:44 - 2013-08-29 14:44 - 00000854 _____ C:\Users\Sandra\Desktop\JRT.txt
2013-08-29 14:37 - 2013-08-29 14:37 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 14:36 - 2013-08-29 14:36 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT (1).exe
2013-08-29 14:23 - 2013-08-29 14:23 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT.exe
2013-08-29 14:23 - 2013-08-29 14:20 - 01023533 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT_exe
2013-08-29 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-29 13:20 - 2013-02-05 00:19 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-29 13:20 - 2013-02-05 00:19 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-29 13:20 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 13:16 - 2013-08-29 13:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-29 13:16 - 2012-12-24 19:48 - 00053284 _____ C:\Windows\system32\wpbbin.exe
2013-08-29 13:16 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 13:12 - 2013-08-29 13:08 - 00000000 ____D C:\AdwCleaner
2013-08-29 13:12 - 2013-08-10 11:57 - 00000000 ____D C:\ProgramData\Datamngr
2013-08-29 12:55 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-08-29 12:46 - 2012-12-24 21:08 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-29 12:46 - 2012-12-24 19:48 - 00025074 _____ C:\Windows\PFRO.log
2013-08-29 12:44 - 2013-08-29 12:44 - 00994642 _____ C:\Users\Sandra\Desktop\adwcleaner.exe
2013-08-29 12:40 - 2013-08-13 09:13 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\DVDVideoSoft
2013-08-29 12:34 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-29 12:26 - 2013-08-29 12:26 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Malwarebytes
2013-08-29 12:25 - 2013-08-29 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 12:25 - 2013-08-29 12:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 12:24 - 2013-08-29 12:24 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sandra\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 00:53 - 2013-07-27 19:51 - 00000000 ___RD C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-29 00:53 - 2013-07-27 19:50 - 00000000 ____D C:\Users\Sandra
2013-08-28 15:10 - 2013-07-29 21:51 - 00004914 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-28 14:47 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-26 00:51 - 2013-08-26 00:51 - 00000000 ____D C:\FRST
2013-08-25 15:05 - 2013-08-25 15:05 - 00050477 _____ C:\Users\Sandra\Desktop\Defogger.exe
2013-08-24 23:40 - 2013-08-03 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 14:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-19 11:24 - 2013-08-19 11:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 10:24 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-19 10:24 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-19 10:22 - 2013-08-08 21:40 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 10:20 - 2013-07-30 11:39 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-19 10:16 - 2013-08-19 10:15 - 00014848 ___SH C:\Users\Sandra\Desktop\Thumbs.db
2013-08-19 08:35 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-08-17 00:01 - 2013-08-16 23:43 - 00000000 ____D C:\Users\Sandra\Documents\Hochzeit Susanne u. Johannes
2013-08-16 23:43 - 2013-08-16 23:43 - 00000000 ____D C:\Users\Sandra\AppData\Local\clear.fi
2013-08-16 23:42 - 2013-08-10 19:06 - 00000000 ____D C:\Users\Sandra\AppData\Local\Deployment
2013-08-13 12:36 - 2013-08-13 12:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-08-13 12:36 - 2012-07-26 09:21 - 00026188 _____ C:\Windows\setupact.log
2013-08-13 09:20 - 2013-08-13 09:20 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-13 09:20 - 2013-08-13 09:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-13 09:12 - 2013-08-13 09:12 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Sandra\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe
2013-08-10 19:06 - 2013-08-10 19:06 - 00000000 ____D C:\Users\Sandra\AppData\Local\Apps\2.0
2013-08-10 18:54 - 2013-08-10 18:54 - 00427328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-10 18:45 - 2013-08-08 21:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-10 18:43 - 2013-08-10 18:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-08-10 18:43 - 2013-02-04 16:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-10 18:43 - 2012-12-24 19:57 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-10 18:42 - 2013-08-10 18:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2013-08-10 18:41 - 2013-08-10 18:41 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-10 18:40 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-10 18:39 - 2013-08-10 18:39 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-10 18:39 - 2013-08-10 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-10 18:39 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-08-10 18:39 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-08-10 18:38 - 2013-08-10 18:38 - 00000000 __RHD C:\MSOCache
2013-08-10 18:36 - 2013-08-10 18:35 - 00000000 ____D C:\Office
2013-08-10 17:43 - 2013-08-10 14:55 - 264821640 _____ C:\Users\Sandra\Downloads\EnterWW.cab
2013-08-10 11:57 - 2013-08-10 11:57 - 00000000 ____D C:\ProgramData\Wincert
2013-08-10 11:57 - 2013-08-10 11:57 - 00000000 ____D C:\Program Files (x86)\Movies Toolbar
2013-08-08 21:07 - 2013-08-08 21:07 - 00000000 ____D C:\Users\Sandra\AppData\Local\Microsoft Help
2013-08-08 19:50 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-08-08 11:41 - 2013-08-08 11:41 - 00000000 ____D C:\Users\Sandra\AppData\Local\Macromedia
2013-08-08 11:41 - 2013-08-08 11:39 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe
2013-08-07 22:39 - 2013-08-07 22:39 - 00000783 _____ C:\Windows\ie8_main.log
2013-08-06 20:56 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-08-06 20:54 - 2013-02-04 16:16 - 00000000 ____D C:\ProgramData\Norton
2013-08-05 18:59 - 2013-08-05 18:59 - 00015360 ___SH C:\Users\Sandra\Downloads\Thumbs.db
2013-08-03 11:03 - 2013-07-29 21:53 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Mozilla
2013-08-03 11:01 - 2013-08-03 11:01 - 00000000 ____D C:\Users\Sandra\AppData\Local\Mozilla
2013-08-03 10:59 - 2013-08-03 10:59 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-03 10:59 - 2013-08-03 10:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-03 10:56 - 2013-08-03 10:55 - 00003542 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-08-03 10:56 - 2013-07-27 19:51 - 00000000 ___RD C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-03 10:55 - 2013-07-30 12:20 - 00000000 ___RD C:\Windows\BrowserChoice
2013-08-03 10:55 - 2013-07-27 19:50 - 00000000 ____D C:\Users\Sandra\AppData\Local\Packages
2013-08-03 10:55 - 2012-12-24 19:59 - 00000000 ____D C:\ProgramData\PRICache
2013-07-30 13:13 - 2012-12-24 21:08 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-07-30 12:20 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-30 12:18 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-30 12:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-30 12:16 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-30 12:16 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-30 12:16 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-30 12:16 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
Files to move or delete:
====================
C:\Users\Sandra\AppData\Local\Temp\Quarantine.exe
C:\Users\Sandra\AppData\Local\Temp\~convert3591457963108336489.exe
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\setup.exe
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\DW20.EXE
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\dwdcw20.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\dwtrig20.exe
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\msvcr80.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\osetupui.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Office.de-de\1031\dwintl20.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Enterprise.WW\ose.exe
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Enterprise.WW\osetup.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\oct.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\octca.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\zh-tw\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\zh-cn\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\ko-kr\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\ja-jp\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\it-it\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\fr-fr\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\es-es\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\en-us\octres.dll
C:\Users\Sandra\AppData\Local\Temp\Temp1_Ofice_Insatllation.zip\Ofice_Insatllation\Admin\de-de\octres.dll
C:\Users\Sandra\AppData\Local\Temp\SDIAG_9d4861e4-81ee-428e-9f84-035313ee5006\DiagPackage.dll
C:\Users\Sandra\AppData\Local\Temp\SDIAG_9d4861e4-81ee-428e-9f84-035313ee5006\NetworkDiagnosticSnapIn.dll
C:\Users\Sandra\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Sandra\AppData\Local\Temp\is-3OIUC.tmp\dvssyshelper.dll
C:\Users\Sandra\AppData\Local\Temp\is-3OIUC.tmp\InnoCallback.dll
C:\Users\Sandra\AppData\Local\Temp\is-3OIUC.tmp\psvince.dll
C:\Users\Sandra\AppData\Local\Temp\is-3OIUC.tmp\_isetup\_shfoldr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-20 13:47
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by Sandra at 2013-08-29 14:56:05
Running from C:\Users\Sandra\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
clear.fi SDK - Video 2 (x32 Version: 2.1.2128)
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112)
Acer Backup Manager (x32 Version: 4.0.0.0071)
Acer Instant Update Service (Version: 1.00.3013)
Acer Power Management (Version: 7.00.3011)
Acer Recovery Management (Version: 6.00.3012)
AcerCloud (x32 Version: 2.01.3125)
AcerCloud Docs (x32 Version: 1.00.3204)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Applet (HKCU)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
Backup Manager v4 (x32 Version: 4.0.0.0071)
Bejeweled 3 (x32 Version: 2.2.0.98)
clear.fi Media (x32 Version: 2.01.3112)
clear.fi Photo (x32 Version: 2.01.3109)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
Dritek Radio Controller (x32 Version: 2.02.2001.0803)
Free YouTube to MP3 Converter version 3.12.9.725 (x32 Version: 3.12.9.725)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3004)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Java Auto Updater (x32 Version: 2.0.2.1)
Java(TM) 6 Update 20 (x32 Version: 6.0.200)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.10)
Live Updater (x32 Version: 2.00.3006)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Internet Security Suite (x32 Version: 11.6.511)
Microsoft Office (x32 Version: 15.0.4420.1017)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Norton Online Backup (x32 Version: 2.2.3.51r)
Norton Online Backup ARA (x32 Version: 4.1.0.14)
NTI Media Maker 9 (x32 Version: 9.0.2.9014)
Office Addin (x32 Version: 2.01.3202)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.216)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.31)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6716)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27028)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
Ware PS/2-X64 11.6.16.203_WHQL (Version: 11.6.16.203)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zuma's Revenge (x32 Version: 2.2.0.98)
==================== Restore Points =========================
05-08-2013 15:51:05 Windows Update
08-08-2013 17:47:45 Windows Update
10-08-2013 16:37:42 Installed Microsoft Office Enterprise 2007
17-08-2013 14:40:03 Windows Update
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {115A30F5-9629-4E2E-993E-F2EF77734558} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2012-11-27] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1CF5FBA5-141F-4E2B-B4FC-71FCAED98B95} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {307D8C75-FDA3-49D3-AA9F-DB79F405FB59} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2012-07-26] (Microsoft Corporation)
Task: {343E40F2-250C-4A52-A8B8-B55A35032492} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-10-08] (Acer Incorporated)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3D011488-04FF-4EF8-A772-0A4A0803CC8B} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {536A3462-6032-4DF6-91B8-BC3E29191B8D} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5F461DB1-266D-41DD-930C-F2B48B58FDAC} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {67229DF8-B971-4F31-933D-0FD466D45DE1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {77A6D07E-0548-43BF-9341-44568B406959} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-670448937-171419631-3567303464-1001
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {84DE5EB5-DE94-465B-ADDF-103C8E5131E8} - System32\Tasks\WPD\SqmUpload_S-1-5-21-670448937-171419631-3567303464-1001 => C:\Windows\System32\portabledeviceapi.dll [2012-07-26] (Microsoft Corporation)
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {95ADF8CE-D9E4-47EF-9D02-91C741A48533} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B5B481B4-B4A5-4A76-B37A-826794D7784F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {BA1DB0D5-84AC-40C0-A5A1-E9B78AA84F8E} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C536413C-A943-4DD2-8D3A-66C7D2F9AE1C} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {C7AE9012-BCC7-4321-845A-2CF60FBC08E8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {C7EC631F-FD90-4F26-BC1A-0CD3B9FFD9C8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {C9A9BF47-4E2C-464D-8524-8D6DD936537B} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DBF96A75-B294-477D-9830-2C5A1458BAF4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F64ED41B-18B4-4F36-959D-0F00EC7E1136} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2012-07-26] (Microsoft Corporation)
Task: {F711BCE7-6A06-4BAF-8158-C5207E4EEDA5} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-670448937-171419631-3567303464-500
Task: {FBE635E0-09EB-484B-841D-87E2880B9059} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {FE4FEB64-44A0-4EFE-A705-ECB7DDC75D40} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\Sandra\Desktop\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\Sandra\Downloads\Thumbs.db:encryptable
==================== Faulty Device Manager Devices =============
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2013 01:07:05 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: AUSNAHMEFEHLER beim Aufruf der Funktion IThread(ProtocolSrvConThread)::run() für die Datei
unknown.
[ACCESS_VIOLATION Exception!! EIP = 0x74024753]
Bitte Avira informieren und die obige Datei übersenden!
Error: (08/25/2013 01:48:01 PM) (Source: Winlogon) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (08/25/2013 00:05:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.2.9200.16384, Zeitstempel: 0x5010a64a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000420
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0xregsvr32.exe0
Pfad der fehlerhaften Anwendung: regsvr32.exe1
Pfad des fehlerhaften Moduls: regsvr32.exe2
Berichtskennung: regsvr32.exe3
Vollständiger Name des fehlerhaften Pakets: regsvr32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regsvr32.exe5
Error: (08/24/2013 11:39:38 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (08/22/2013 10:28:27 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12bc
Startzeit: 01ce9f75ea390f5c
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 59581556-0b69-11e3-be76-206a8af508d4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/19/2013 09:57:49 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (08/19/2013 08:46:14 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1830
Startzeit: 01ce9ca730725079
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: ba3b9ba0-089a-11e3-be75-206a8af508d4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/18/2013 11:21:01 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1838
Startzeit: 01ce9bf3e354f256
Endzeit: 31
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 73144195-07e7-11e3-be75-206a8af508d4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/17/2013 00:42:35 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (08/13/2013 00:22:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Ben)
Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
System errors:
=============
Error: (08/29/2013 01:27:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Error: (08/29/2013 01:27:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (08/29/2013 01:16:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (08/29/2013 01:16:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avgntflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (08/29/2013 01:02:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}
Error: (08/29/2013 01:02:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Error: (08/29/2013 01:02:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (08/29/2013 00:51:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (08/29/2013 00:50:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avgntflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (08/29/2013 00:50:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1069netprofmNicht verfügbar{A47979D2-C419-11D9-A5B4-001185AD2B89}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3891.59 MB
Available physical RAM: 2402.86 MB
Total Pagefile: 6835.59 MB
Available Pagefile: 4909.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.37 GB) (Free:396.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: A98576D3)
Partition: GPT Partition Type
==================== End Of Log ============================ |