Hitman 21 | 22.09.2013 19:24 | Hallo Schrauber
Habe deine Anweisungen ausgeführt. Hier die Logfiles
Gruss Hitman 21 Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.09.22.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
*** :: ***-PC [Administrator]
22.09.2013 16:54:52
mbam-log-2013-09-22 (16-54-52).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|I:\|J:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 521849
Laufzeit: 1 Stunde(n), 30 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) Code:
# AdwCleaner v3.004 - Bericht erstellt am 22/09/2013 um 19:02:38
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : *** - ***-PC
# Gestartet von : C:\Users\***\Desktop\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\foxydeal.sqlite
Ordner Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gefunden C:\Users\***\AppData\LocalLow\boost_interprocess
Ordner Gefunden C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\jetpack
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v10.0 (de)
[ Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1640 octets] - [22/09/2013 19:02:38]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1700 octets] ########## Code:
# AdwCleaner v3.004 - Bericht erstellt am 22/09/2013 um 19:04:31
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : *** - ***-PC
# Gestartet von : C:\Users\***\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\jetpack
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\foxydeal.sqlite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Conduit
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v10.0 (de)
[ Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1784 octets] - [22/09/2013 19:02:38]
AdwCleaner[S0].txt - [1659 octets] - [22/09/2013 19:04:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1719 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 7 Ultimate x64
Ran by *** on 22.09.2013 at 19:14:59.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{186A3FD9-C7AE-4993-BD33-AA92A006CE2C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{359006DF-7E48-44E9-9116-8A30940A1493}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DF26A31E-45AA-4BC9-8398-0DF1D0374B90}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2013 at 19:19:36.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by *** (administrator) on ***-PC on 22-09-2013 19:37:33
Running from C:\Users\***\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
( ) C:\Windows\system32\dleccoms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
() C:\Program Files (x86)\Dell P713w\dlecmon.exe
() C:\Program Files (x86)\Dell P713w\ezprint.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
() C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
() C:\Program Files (x86)\ZyXEL\NetUSB Share Center\Share Center.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) D:\Programme\iTunes\iTunesHelper.exe
(Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackup.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RunDLLEntry_THXCfg] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [207845 2011-04-29] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] - LBTWIZ.EXE -silent
HKLM\...\Run: [dlecmon.exe] - C:\Program Files (x86)\Dell P713w\dlecmon.exe [770728 2011-01-24] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Dell P713w\ezprint.exe [139944 2011-01-24] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [OM_Monitor] - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe [57344 2006-05-16] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [SPIRunE] - C:\Windows\\SysWOW64\SPIRunE.dll [18432 2009-07-27] (Creative Technology Ltd.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2011-08-12] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2825741 2011-04-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ZyXEL USB Share Center] - C:\Program Files (x86)\ZyXEL\NetUSB Share Center\Share Center.exe [5623808 2010-07-22] ()
HKLM-x32\...\Run: [Memeo Backup] - C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-07-28] (Memeo Inc.)
HKLM-x32\...\Run: [QuickTime Task] - D:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - D:\Programme\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-09-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Programme\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.sunrise.ch/
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627195329.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Dell Symbolleiste - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627195329.dll (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Dell Symbolleiste - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 212.98.37.128 194.230.55.99
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1%20%26%26%20url.indexOf('.png')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*'))%20%7B%20return%20'PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - D:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - D:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\***\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\***\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Просмотр HTTP заголовков - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4988pq95.default\Extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YouTube) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SiteAdvisor) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (RealDownloader) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (ProxTube) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.5_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\***~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
==================== Services (Whitelisted) =================
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-08-11] (CyberLink)
S2 dlecCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dlecserv.exe [45224 2010-05-21] ()
R2 dlec_device; C:\Windows\system32\dleccoms.exe [1052328 2010-05-21] ( )
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ZyxelUDSMBus; C:\Windows\SysWow64\Drivers\ZyxelUDSMBus.sys [67168 2010-07-22] (Windows (R) Codename Longhorn DDK provider)
R3 ZyxelUDSTcpBus; C:\Windows\SysWow64\Drivers\ZyxelUDSTcpBus.sys [98912 2010-07-22] (Windows (R) Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 cdrbsdrv; No ImagePath
U3 mfeavfk01; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-22 19:37 - 2013-09-22 19:37 - 01956670 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-09-22 19:19 - 2013-09-22 19:19 - 00001439 _____ C:\Users\***\Desktop\JRT.txt
2013-09-22 19:14 - 2013-09-22 19:14 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 19:12 - 2013-09-22 19:12 - 01030038 _____ (Thisisu) C:\Users\***\Desktop\JRT.exe
2013-09-22 19:01 - 2013-09-22 19:04 - 00000000 ____D C:\AdwCleaner
2013-09-22 19:00 - 2013-09-22 19:01 - 01039554 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-09-20 17:49 - 2013-09-22 19:35 - 00000000 ____D C:\Users\***\Desktop\Neuer Ordner
2013-09-20 17:30 - 2013-09-20 17:30 - 00031923 _____ C:\ComboFix.txt
2013-09-20 17:19 - 2013-09-20 17:19 - 00000000 ____D C:\Users\***\Documents\ProcAlyzer Dumps
2013-09-20 17:13 - 2013-09-20 17:30 - 00000000 ____D C:\Qoobox
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\Program Files\iTunes
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\Program Files\iPod
2013-09-20 10:51 - 2013-09-20 10:51 - 00000000 ____D C:\FRST
2013-09-18 21:04 - 2013-09-22 19:29 - 00000840 _____ C:\Windows\setupact.log
2013-09-18 21:04 - 2013-09-20 17:31 - 00001912 _____ C:\Windows\PFRO.log
2013-09-18 21:04 - 2013-09-18 21:04 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\Users\***\AppData\Roaming\RealNetworks
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\ProgramData\RealNetworks
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-09-18 14:19 - 2013-09-18 14:19 - 00000494 _____ C:\Users\***\Desktop\***.website
2013-09-11 20:50 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 20:50 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 20:50 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 20:50 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 20:50 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 20:50 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 20:50 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 20:50 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 20:50 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 20:50 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 20:50 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 20:50 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 20:50 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 20:50 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 11:33 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 11:33 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 11:33 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 11:33 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 11:33 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 11:33 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 11:33 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 11:33 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 11:33 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 11:33 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 11:33 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 11:33 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 11:33 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 11:33 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 11:33 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 11:33 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 11:33 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 11:33 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 11:33 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 11:33 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 11:33 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 11:33 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 11:33 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 11:33 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 11:33 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 11:33 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 11:33 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 12:07 - 2013-09-10 12:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-10 11:49 - 2013-09-10 11:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-26 15:56 - 2013-08-26 15:56 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-08-26 11:13 - 2013-08-26 11:13 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2013-08-26 09:10 - 2013-04-30 17:24 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20130826-091004.backup
2013-08-26 08:28 - 2013-08-26 08:28 - 00000000 ____D C:\Users\***\AppData\Roaming\NVIDIA
2013-08-26 08:24 - 2013-08-26 08:24 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-26 08:20 - 2013-09-20 17:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-26 08:20 - 2013-08-26 08:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-26 08:20 - 2013-08-26 08:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-26 08:20 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-08-26 08:11 - 2013-08-26 08:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Browser
2013-08-26 07:48 - 2013-08-26 07:48 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-08-26 07:48 - 2013-08-26 06:46 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\SoftThinks
2013-08-26 07:48 - 2012-02-11 11:22 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-08-26 07:48 - 2012-01-17 13:03 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-08-26 07:48 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-08-26 07:48 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-08-26 07:47 - 2013-08-09 03:05 - 03310693 _____ C:\Windows\system32\nvcoproc.bin
2013-08-26 07:46 - 2013-08-26 07:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-24 21:53 - 2013-09-22 19:06 - 00003258 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000
==================== One Month Modified Files and Folders =======
2013-09-22 19:37 - 2013-09-22 19:37 - 01956670 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-09-22 19:37 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 19:37 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 19:35 - 2013-09-20 17:49 - 00000000 ____D C:\Users\***\Desktop\Neuer Ordner
2013-09-22 19:33 - 2012-01-17 12:21 - 01421192 _____ C:\Windows\WindowsUpdate.log
2013-09-22 19:32 - 2012-02-14 22:14 - 00000000 ____D C:\Users\***\Documents\Outlook-Dateien
2013-09-22 19:30 - 2013-06-13 21:02 - 00003382 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000
2013-09-22 19:30 - 2012-02-16 18:08 - 00140306 _____ C:\ProgramData\dlecscan.log
2013-09-22 19:30 - 2012-01-17 13:07 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-09-22 19:30 - 2012-01-17 13:07 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-09-22 19:30 - 2012-01-17 12:42 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-09-22 19:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 19:29 - 2013-09-18 21:04 - 00000840 _____ C:\Windows\setupact.log
2013-09-22 19:29 - 2012-01-17 11:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-22 19:19 - 2013-09-22 19:19 - 00001439 _____ C:\Users\***\Desktop\JRT.txt
2013-09-22 19:18 - 2012-05-09 13:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 19:14 - 2013-09-22 19:14 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 19:12 - 2013-09-22 19:12 - 01030038 _____ (Thisisu) C:\Users\***\Desktop\JRT.exe
2013-09-22 19:06 - 2013-08-24 21:53 - 00003258 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000
2013-09-22 19:04 - 2013-09-22 19:01 - 00000000 ____D C:\AdwCleaner
2013-09-22 19:01 - 2013-09-22 19:00 - 01039554 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-09-22 18:53 - 2013-04-07 18:36 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000UA.job
2013-09-22 17:49 - 2012-02-09 14:29 - 00000000 ____D C:\Users\Hansulrich\AppData\Local\Nero
2013-09-22 16:53 - 2013-04-07 18:36 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000Core.job
2013-09-22 16:37 - 2012-03-07 10:41 - 00000656 _____ C:\Users\Hansulrich\Desktop\meteo.ch – Swiss Weather Portal.website
2013-09-22 16:18 - 2013-05-16 17:37 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C2FB5E82-8A0D-4224-BEE1-D9B54F21E70E}
2013-09-22 16:16 - 2012-01-17 12:59 - 00000000 ____D C:\ProgramData\Sonic
2013-09-20 17:31 - 2013-09-18 21:04 - 00001912 _____ C:\Windows\PFRO.log
2013-09-20 17:30 - 2013-09-20 17:30 - 00031923 _____ C:\ComboFix.txt
2013-09-20 17:30 - 2013-09-20 17:13 - 00000000 ____D C:\Qoobox
2013-09-20 17:29 - 2009-07-14 04:34 - 00000276 _____ C:\Windows\system.ini
2013-09-20 17:19 - 2013-09-20 17:19 - 00000000 ____D C:\Users\***\Documents\ProcAlyzer Dumps
2013-09-20 17:19 - 2013-08-26 08:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-20 17:06 - 2012-02-16 18:25 - 00000000 ____D C:\ProgramData\Dl_cats
2013-09-20 17:05 - 2012-02-10 09:59 - 00000000 ____D C:\Users\***\Geschäft
2013-09-20 17:04 - 2012-02-16 18:26 - 01712690 _____ C:\ProgramData\dlecJSW.log
2013-09-20 15:36 - 2012-01-17 13:00 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\Program Files\iTunes
2013-09-20 15:05 - 2013-09-20 15:05 - 00000000 ____D C:\Program Files\iPod
2013-09-20 13:56 - 2012-02-10 21:33 - 00002402 _____ C:\Users\Hansulrich\Desktop\Google Chrome.lnk
2013-09-20 12:18 - 2012-05-09 13:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 12:18 - 2012-05-09 13:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 12:18 - 2012-01-17 12:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 12:00 - 2012-02-10 19:36 - 00000000 ____D C:\Users\***\Desktop\Sicherheitsprogramme
2013-09-20 10:51 - 2013-09-20 10:51 - 00000000 ____D C:\FRST
2013-09-20 10:18 - 2013-05-22 15:45 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-09-19 19:33 - 2012-02-10 19:31 - 00000000 ____D C:\Program Files\Recuva
2013-09-19 18:47 - 2012-05-31 20:21 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2013-09-18 21:04 - 2013-09-18 21:04 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 21:04 - 2009-07-14 06:45 - 00480048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 19:09 - 2012-07-31 21:48 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2013-09-18 17:53 - 2012-03-07 10:45 - 00000987 _____ C:\Users\***\Desktop\***.website
2013-09-18 15:28 - 2012-02-13 14:08 - 00000000 ___RD C:\Users\***\Desktop\Homepage
2013-09-18 14:37 - 2013-04-30 20:33 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimedia
2013-09-18 14:34 - 2012-02-10 19:53 - 00017408 _____ C:\Users\***\AppData\Local\WebpageIcons.db
2013-09-18 14:33 - 2013-06-13 21:00 - 00003360 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000
2013-09-18 14:33 - 2013-06-13 21:00 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\Users\Hansulrich\AppData\Roaming\RealNetworks
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\ProgramData\RealNetworks
2013-09-18 14:32 - 2013-09-18 14:32 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-09-18 14:32 - 2013-06-13 21:00 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2013-09-18 14:32 - 2013-06-13 20:59 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2013-09-18 14:32 - 2013-06-13 20:59 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2013-09-18 14:32 - 2013-06-13 20:59 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2013-09-18 14:32 - 2012-02-10 21:42 - 00000000 ____D C:\ProgramData\Real
2013-09-18 14:32 - 2012-02-10 21:42 - 00000000 ____D C:\Program Files (x86)\Real
2013-09-18 14:31 - 2013-06-13 20:59 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-09-18 14:19 - 2013-09-18 14:19 - 00000494 _____ C:\Users\***\Desktop\Curling Club Langenthal - clubmeisterschaft - Gruppe B.website
2013-09-18 14:15 - 2012-02-10 21:21 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-09-18 14:14 - 2012-02-10 21:21 - 00000864 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-18 14:11 - 2012-02-09 14:18 - 00127384 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-18 14:09 - 2012-02-10 22:29 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-18 14:09 - 2012-02-10 22:25 - 00000000 ____D C:\ProgramData\DivX
2013-09-18 14:08 - 2012-02-10 22:29 - 00000000 ____D C:\Program Files\DivX
2013-09-18 14:00 - 2012-02-10 19:34 - 00000000 ____D C:\Program Files\Speccy
2013-09-18 12:44 - 2010-11-21 08:50 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-09-18 12:44 - 2010-11-21 08:50 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-09-18 12:44 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-17 09:17 - 2013-05-22 15:45 - 00000000 ____D C:\Program Files\My Dell
2013-09-17 09:17 - 2012-02-09 15:13 - 00000000 ____D C:\ProgramData\PCDr
2013-09-15 16:05 - 2011-02-11 19:57 - 00000000 ____D C:\Windows\panther
2013-09-12 11:48 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-12 09:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 07:12 - 2012-02-09 14:19 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 07:12 - 2012-02-09 14:19 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 20:51 - 2012-02-10 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 20:50 - 2013-08-06 11:56 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 20:49 - 2012-02-09 18:54 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 07:40 - 2012-02-10 13:25 - 00000000 ____D C:\Users\***\Verschiedenes
2013-09-10 19:11 - 2009-07-14 04:34 - 00448635 ____R C:\Windows\system32\Drivers\etc\hosts.20130915-160739.backup
2013-09-10 12:07 - 2013-09-10 12:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-10 11:48 - 2013-09-10 11:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-10 11:48 - 2013-09-10 11:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-10 11:48 - 2012-06-15 21:56 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-09-10 11:48 - 2012-01-17 12:35 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-10 11:18 - 2012-01-17 12:35 - 00000000 ____D C:\Program Files\Java
2013-09-09 15:52 - 2009-07-14 04:34 - 00448635 ____R C:\Windows\system32\Drivers\etc\hosts.20130910-191130.backup
2013-09-09 11:44 - 2012-02-10 19:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-09 06:52 - 2012-01-17 13:00 - 00000000 ____D C:\Program Files\mcafee
2013-09-02 19:40 - 2009-07-14 04:34 - 00448635 ____R C:\Windows\system32\Drivers\etc\hosts.20130909-155239.backup
2013-08-26 18:39 - 2012-02-13 21:09 - 00000000 ____D C:\Users\***\Documents\Incomedia WebSite X5
2013-08-26 15:56 - 2013-08-26 15:56 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-08-26 11:13 - 2013-08-26 11:13 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2013-08-26 09:10 - 2009-07-14 04:34 - 00448635 ____R C:\Windows\system32\Drivers\etc\hosts.20130902-194014.backup
2013-08-26 08:31 - 2013-08-26 08:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-26 08:28 - 2013-08-26 08:28 - 00000000 ____D C:\Users\***\AppData\Roaming\NVIDIA
2013-08-26 08:24 - 2013-08-26 08:24 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-26 08:20 - 2013-08-26 08:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-26 08:11 - 2013-08-26 08:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Browser
2013-08-26 08:09 - 2013-04-30 20:32 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools
2013-08-26 07:55 - 2012-02-10 10:13 - 00000000 ____D C:\Users\***\Desktop\Verschiedenes
2013-08-26 07:50 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2013-08-26 07:48 - 2013-08-26 07:48 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-08-26 07:48 - 2013-08-26 07:48 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-08-26 07:48 - 2013-08-26 07:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-26 07:48 - 2012-01-17 11:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-26 07:42 - 2012-09-30 17:50 - 00000000 ____D C:\Windows\Minidump
2013-08-26 06:46 - 2013-08-26 07:48 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\SoftThinks
Files to move or delete:
====================
C:\ProgramData\dzofae.reg
Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-11 08:14
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by *** at 2013-09-22 19:38:40
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.2146.41621)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Community Help (x32 Version: 3.2.1)
Adobe Community Help (x32 Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0)
Adobe Premiere Elements 9 (x32 Version: 9.0)
Adobe Premiere Elements 9 (x32 Version: 9.0.1)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Bing Bar (x32 Version: 7.2.241.0)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.05)
CDDRV_Installer (Version: 4.60)
Creative Audio Control Panel (x32 Version: 3.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.4418)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.61)
Dell DataSafe Local Backup (x32 Version: 9.4.61)
Dell DataSafe Online (x32 Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell MusicStage (x32 Version: 1.6.225.0)
Dell P713w
Dell PhotoStage (x32 Version: 1.5.0.65)
Dell Stage (x32 Version: 1.5.201.0)
Dell Stage Remote (x32 Version: 2.0.0.43)
Dell Symbolleiste (x32 Version: 1.8.12.0)
Dell VideoStage (x32 Version: 1.2.0.1719)
Der Übersetzungsprofi 7.0 Europa Edition (x32)
DesignPro 5 (x32 Version: 5.5.708)
DirectX 9 Runtime (x32 Version: 1.00.0000)
DivX-Setup (x32 Version: 2.6.1.84)
DW WLAN Card (Version: 5.60.48.35)
eBay (x32 Version: 1.4.0)
Elements 9 Organizer (x32 Version: 9.0)
Elements STI Installer (x32 Version: 1.0)
erLT (x32 Version: 1.20.0137)
ESET Online Scanner v3 (x32)
FastStone Capture 5.3 (x32 Version: 5.3)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
Google Chrome (HKCU Version: 29.0.1547.76)
Google Earth (x32 Version: 6.2.0.5905)
Host OpenAL (x32 Version: 1.00)
iCloud (Version: 3.0.2.163)
ImageMixer VCD/DVD2 for OLYMPUS (x32 Version: 2.01.050.1)
Incomedia WebSite X5 Evolution (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
IrfanView (remove only) (x32 Version: 4.32)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
JURA IMPRESSA Z5 G2 (x32 Version: 1.0)
KhalInstallWrapper (Version: 2.00.0000)
Logitech SetPoint (x32 Version: 4.80)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee SecurityCenter (x32 Version: 11.6.511)
Memeo Backup (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 10.0 (x86 de) (x32 Version: 10.0)
Mozilla Firefox 24.0 (x86 de) (HKCU Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Multimedia Card Reader (x32 Version: 1.7.915.93)
My Dell (Version: 3.4.6308.28)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0)
Nero Blu-ray Player (x32 Version: 12.0.20014)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800)
Nero Core Components 10 (x32 Version: 2.0.20000.9.12)
Nero Update (x32 Version: 11.0.11800.31.0)
NVIDIA 3D Vision Treiber 320.78 (Version: 320.78)
NVIDIA Grafiktreiber 320.78 (Version: 320.78)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2078)
NVIDIA Systemsteuerung 320.78 (Version: 320.78)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
OLYMPUS Master (x32 Version: 1.00.8000)
OLYMPUS Master addin (x32 Version: 1.00.0000)
PhotoShowExpress (x32 Version: 2.0.063)
PopTray Plug-ins (beta 6) (x32 Version: (beta 6))
PVX Plus WindX Standalone V10 (build 9300.2) (x32 Version: 10.0.9300.2)
QuickTime (x32 Version: 7.74.80.86)
RBVirtualFolder64Inst (Version: 1.00.0000)
RealDownloader (x32 Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.3)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Recuva (Version: 1.48)
Roxio Activation Module (x32 Version: 1.0)
Roxio BackOnTrack (x32 Version: 1.3.3)
Roxio Burn (x32 Version: 1.8)
Roxio Creator Starter (x32 Version: 1.0.439)
Roxio Creator Starter (x32 Version: 12.1.77.0)
Roxio Creator Starter (x32 Version: 5.0.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
SafeGuard® PrivateCrypto 2.31.1 (x32 Version: 2.31.1.2)
SereneScreen Marine Aquarium 3 (x32 Version: 3.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
Sound Blaster X-Fi (x32 Version: 1.0)
Speccy (Version: 1.23)
Spybot - Search & Destroy (x32 Version: 2.1.21)
SWFBanner (x32)
SyncUP (x32 Version: 1.12.12400.17.102)
SyncUP (x32 Version: 10.2.15400)
THX TruStudio PC (x32 Version: 1.0)
Translators (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
White Christmas 3D Screensaver and Animated Wallpaper 1.0 (x32 Version: 1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.6200)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
Zattoo4 4.0.5 (x32 Version: 4.0.5)
Zinio Reader 4 (x32 Version: 4.2.4164)
ZyXEL NAS Starter Utility (x32 Version: 2.00.18)
ZyXEL NetUSB Share Center (x32 Version: 1.0.1.c)
==================== Restore Points =========================
11-09-2013 18:45:56 Windows Update
19-09-2013 13:31:27 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-09-20 17:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0C1F02CE-7F0C-4CAB-9E38-B3FAC1A6CBD6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0E9C04BF-B99A-4155-96B3-BE4F30F4F371} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-07] (Google Inc.)
Task: {12444129-DF73-4B3B-AF80-70D4C4372E95} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {12BCD626-B866-4EED-8648-84E413F59079} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1ED8EC9A-4750-4BED-9FDA-AC6085A6D836} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1F8B5F37-2C7B-403B-AF71-ADDA4D6AF1E8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {200C55F2-3559-4AAD-8F98-E745305144D7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3B82F3E0-1BCE-4C76-BB25-B7ECC370D2D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {40F48374-FF80-48D6-98D2-2F9B77B1E57D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3354904592-2679355235-2660027724-1000
Task: {5C3A1CF3-713D-4861-A683-5D27D54D6387} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {5C548308-66C5-4EF2-9922-895B6D4617E6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {6730EC82-92E9-4B52-97CE-2C22A64E64E8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {7416F852-5512-45B3-BF93-8BF19DE6E6D7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C62FD5E-009A-47FE-94F4-55788F50E832} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7D6CE335-8BAE-4153-B9F2-67DC352466E7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8E287E0D-63E7-4BC2-BBE1-E2B190CE1C0D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {9FF8F513-47D7-411D-A2F7-303AE40950E5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A4B8D584-FFF0-4BEC-BC06-3FAEF4F3C82F} - System32\Tasks\User_Feed_Synchronization-{C2FB5E82-8A0D-4224-BEE1-D9B54F21E70E} => C:\Windows\system32\msfeedssync.exe [2013-06-04] (Microsoft Corporation)
Task: {A98B46B1-D86A-407A-9FF1-FD1CCF0D0E26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {B605FC93-E9AD-4F46-9EFC-121157B8A1FE} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {CFE92416-BC4A-46C3-8262-C36B90136161} - System32\Tasks\AdobeAAMUpdater-1.0-Hansulrich-PC-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {D02CCBE4-45A8-491F-8DC8-C9D6CE4A5304} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DCAC94A2-7DE5-4E12-BB3A-3C01EF10AFF2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3354904592-2679355235-2660027724-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {DEF5A94B-3788-448E-BCFB-079631B791D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-07] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3354904592-2679355235-2660027724-1000UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2010-07-21 15:46 - 2010-07-21 15:46 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-02-10 22:54 - 2009-07-20 13:35 - 00096272 _____ (Logitech, Inc.) C:\Windows\system32\KemXML.dll
2012-02-10 22:54 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\kemutb.dll
2012-02-10 22:54 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\KemUtil.dll
2012-02-10 22:54 - 2009-07-20 13:34 - 00159248 _____ (Logitech, Inc.) C:\Windows\system32\KemWnd.dll
2012-02-10 22:54 - 2009-07-20 13:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2010-03-16 22:28 - 2010-03-16 22:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 17:52 - 2010-03-22 17:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 22:28 - 2010-03-16 22:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 22:28 - 2010-03-16 22:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 01:20 - 2011-06-25 01:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 21:25 - 2011-06-27 21:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 01:32 - 2011-06-25 01:32 - 00323136 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll
2010-03-11 21:52 - 2010-03-11 21:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 17:07 - 2010-03-05 17:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 17:07 - 2010-03-05 17:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 21:52 - 2010-03-11 21:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2012-02-16 18:05 - 2009-11-26 10:53 - 00086180 _____ () C:\Program Files (x86)\Dell P713w\dleccfg.dll
2012-02-16 18:06 - 2010-04-01 19:23 - 00389120 _____ () C:\Program Files (x86)\Dell P713w\dlecscw.dll
2012-02-16 18:06 - 2009-03-25 17:10 - 00192512 _____ () C:\Program Files (x86)\Dell P713w\dlecdatr.dll
2012-02-16 18:06 - 2010-04-01 19:24 - 01159168 _____ () C:\Program Files (x86)\Dell P713w\dlecDRS.dll
2012-02-16 18:06 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files (x86)\Dell P713w\dleccaps.dll
2012-02-16 18:06 - 2009-03-05 19:55 - 00059904 _____ () C:\Program Files (x86)\Dell P713w\dleccnv4.dll
2012-02-16 18:06 - 2009-03-10 07:41 - 00966656 _____ (Corp.) C:\Program Files (x86)\Dell P713w\dlecmonr.dll
2012-02-16 18:06 - 2009-12-09 21:35 - 00802816 _____ ( ) C:\Program Files (x86)\Dell P713w\dleccomc.dll
2012-02-16 17:59 - 2009-02-12 13:33 - 00381952 _____ () C:\Windows\system32\dlecsm.dll
2012-02-16 17:59 - 2009-04-28 09:57 - 00032768 _____ () C:\Windows\system32\dlecsmr.dll
2012-02-16 18:06 - 2009-06-22 15:08 - 00708608 _____ () C:\Program Files (x86)\Dell P713w\Epwizard.DLL
2012-02-16 18:06 - 2009-06-22 15:06 - 00159744 _____ () C:\Program Files (x86)\Dell P713w\customui.dll
2012-02-16 18:06 - 2009-06-22 15:06 - 00114688 _____ () C:\Program Files (x86)\Dell P713w\Eputil.DLL
2012-02-16 18:06 - 2009-06-22 15:05 - 00139264 _____ () C:\Program Files (x86)\Dell P713w\Imagutil.DLL
2012-02-16 18:06 - 2009-06-22 15:06 - 00061440 _____ () C:\Program Files (x86)\Dell P713w\Epfunct.DLL
2012-02-16 18:06 - 2009-06-23 13:11 - 02203648 _____ () C:\Program Files (x86)\Dell P713w\EPWizRes.dll
2012-02-16 18:06 - 2009-06-23 13:13 - 00045056 _____ () C:\Program Files (x86)\Dell P713w\epstring.dll
2012-02-16 18:06 - 2009-06-23 13:13 - 00221184 _____ () C:\Program Files (x86)\Dell P713w\EPOEMDll.dll
2012-02-16 18:06 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files (x86)\Dell P713w\iptk.dll
2012-02-16 18:06 - 2010-04-01 19:18 - 00548864 _____ (PDFlib GmbH) C:\Program Files (x86)\Dell P713w\PdfLib.dll
2012-02-16 18:06 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files (x86)\Dell P713w\dlecptp.dll
2012-01-17 12:36 - 2009-12-29 18:50 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-01-17 12:36 - 2010-01-12 17:36 - 00177664 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 06:29 - 2009-08-26 06:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2013-08-15 07:38 - 2013-08-15 07:38 - 00492032 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97ce162bb354fcf9c8d9eae8252ee216\IAStorUtil.ni.dll
2013-07-12 06:56 - 2013-07-12 06:56 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll
2010-11-22 15:27 - 2010-11-22 15:27 - 00190960 _____ (Roxio, Inc.) c:\program files (x86)\common files\roxio shared\dllshared\rsl.dll
2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2011-04-29 20:13 - 2011-04-29 20:13 - 18908672 _____ (Unlimited Realities) C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
2011-04-29 20:13 - 2011-04-29 20:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-04-29 20:13 - 2011-04-29 20:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-11-21 05:25 - 2010-11-21 05:25 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2013-08-26 08:20 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-08-26 08:20 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
2013-08-26 08:20 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 01660128 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Utility.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 00020704 _____ (Stan Schultes, VBNetExpert.com) C:\Program Files (x86)\Memeo\AutoBackup\XMLSettings.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 00054496 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Interop.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 01553632 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.dll
2010-07-28 19:59 - 2010-07-28 19:59 - 00057344 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Tanagra.DataClad.resources.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 02887904 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 00025824 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-07-28 19:59 - 2010-07-28 19:59 - 00094208 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\MemeoBackup.resources.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 00296160 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.DataAccess.dll
2010-07-28 19:57 - 2010-07-28 19:57 - 02798816 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.BMU.dll
2010-04-05 20:52 - 2010-04-05 20:52 - 00013824 _____ ( ) C:\Program Files (x86)\Memeo\AutoBackup\Interop.eWebControl.dll
2009-08-19 20:56 - 2009-08-19 20:56 - 00143360 _____ (Digital River, Inc.) C:\Program Files (x86)\Common Files\Memeo\eWebControl365.dll
2010-07-28 19:58 - 2010-07-28 19:58 - 00025824 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Third-party.Security.dll
2010-07-28 19:57 - 2010-07-28 19:57 - 00074976 _____ (Finisar Corporation) C:\Program Files (x86)\Memeo\AutoBackup\SQLite.NET.dll
2010-04-05 20:52 - 2010-04-05 20:52 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2010-07-28 19:58 - 2010-07-28 19:58 - 00087264 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll
2010-07-28 19:59 - 2010-07-28 19:59 - 00036864 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Tanagra.Utility.resources.dll
2010-04-05 20:14 - 2010-04-05 20:14 - 00397312 _____ ( ) C:\Program Files (x86)\Memeo\AutoBackup\Interop.Outlook.dll
2010-07-28 19:57 - 2010-07-28 19:57 - 00067808 _____ (Newtonsoft) C:\Program Files (x86)\Memeo\AutoBackup\Newtonsoft.Json.dll
2010-07-28 19:59 - 2010-07-28 19:59 - 00114688 _____ () C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Memeo.Client.UI.resources.dll
==================== Alternate Data Streams (whitelisted) ======
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/22/2013 07:30:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:30:07 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (09/22/2013 07:21:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:21:36 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
System errors:
=============
Error: (09/22/2013 07:31:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (09/22/2013 07:30:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (09/22/2013 07:30:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "dlecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/22/2013 07:30:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst dlecCATSCustConnectService erreicht.
Error: (09/22/2013 07:29:52 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2013 07:29:52 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2013 07:29:51 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2013 07:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "dlecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/22/2013 07:21:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst dlecCATSCustConnectService erreicht.
Error: (09/22/2013 07:21:21 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office Sessions:
=========================
Error: (09/22/2013 07:30:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:30:07 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (09/22/2013 07:21:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:21:36 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
CodeIntegrity Errors:
===================================
Date: 2013-09-22 16:56:08.349
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-22 16:56:08.349
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-22 16:56:08.349
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-20 17:28:59.457
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-20 17:28:59.426
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-19 21:59:51.523
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-19 21:59:51.523
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-19 21:59:51.523
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-19 13:08:46.157
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-19 13:08:46.142
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 16366.45 MB
Available physical RAM: 13635.96 MB
Total Pagefile: 32731.07 MB
Available Pagefile: 29715.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:446.47 GB) (Free:312.02 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:915.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 12501AB2)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 12501AAF)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |