FRST.txt:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by start (administrator) on LAPTOP-PC on 10-10-2013 20:45:01
Running from C:\Users\start\Downloads
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Enigma Software Group USA, LLC.) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(cake bake) C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe
(Bake Cake) C:\Users\start\AppData\Roaming\Tepfel\WebCakeDesktop.exe
() C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
() D:\Autorun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [EKAIO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [3240448 2011-12-11] (Eastman Kodak Company)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [909824 2012-05-10] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [WebCake Desktop] - C:\Users\start\AppData\Roaming\Tepfel\WebCakeDesktop.exe [52504 2013-08-10] (Bake Cake)
HKCU\...\Run: [RDReminder] - C:\Program Files (x86)\PC Performer\PCPerformer.exe [7343616 2013-06-19] (PerformerSoft LLC)
MountPoints2: {a9473b63-782e-11e1-ba0e-806e6f6e6963} - D:\Autorun.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1895424 2012-05-01] (Dominik Reichl)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Iminent] - [x]
HKLM-x32\...\Run: [IminentMessenger] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-10-10] (Avira Operations GmbH & Co. KG)
HKU\Laptop\...\Run: [Connectify] - C:\Program Files (x86)\Connectify\Connectify.exe
HKU\Laptop\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe [1051760 2011-10-05] (Badoo)
HKU\Laptop\...\Run: [Google Update] - C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-17] (Google Inc.)
HKU\Laptop\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Laptop\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\Laptop\...\Run: [EPSON SX600FW Series] - C:\Windows\TEMP\E_SB350.tmp [202 2012-07-26] ()
AppInit_DLLs: C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll C:\Windows\system32\nvinitx.dll [202 2012-07-26] ()
AppInit_DLLs-x32: C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll C:\Windows\SysWOW64\nvinit.dll [193128 2012-03-30] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B22C485D60CBAEA9&affID=119357&tsp=4987
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x221DDBEA03A0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n8811-87&apn_uid=3795102454664316&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n8811-87&apn_uid=3795102454664316&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B22C485D60CBAEA9&affID=119357&tsp=4987
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n8811-87&apn_uid=3795102454664316&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO-x32: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\Tepfel\WebCakeIEClient.dll (Let Them Eat Web-Cake LLC)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
FireFox:
========
FF ProfilePath: C:\Users\start\AppData\Roaming\Mozilla\Firefox\Profiles\l7mk4ly1.default
FF Homepage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-400&v=n8811-87&t=4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\start\AppData\Roaming\Mozilla\Firefox\Profiles\l7mk4ly1.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\start\AppData\Roaming\Mozilla\Firefox\Profiles\l7mk4ly1.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: vis - C:\Users\start\AppData\Roaming\Mozilla\Firefox\Profiles\l7mk4ly1.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: WebCake - C:\Users\start\AppData\Roaming\Mozilla\Firefox\Profiles\l7mk4ly1.default\Extensions\plugin@getwebcake.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-10-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1025408 2013-07-17] (Enigma Software Group USA, LLC.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
S3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe [5094200 2012-03-26] (Moonware Studios)
R2 WebCakeUpdater; C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe [51992 2013-08-10] (cake bake)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2012-05-10] (Sonix Technology Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-10 20:44 - 2013-10-10 20:44 - 00000000 ____D C:\FRST
2013-10-10 20:43 - 2013-10-10 20:43 - 01954124 _____ (Farbar) C:\Users\start\Downloads\FRST64.exe
2013-10-10 20:41 - 2013-10-10 20:41 - 01087213 _____ (Farbar) C:\Users\start\Downloads\FRST.exe
2013-10-10 18:18 - 2013-10-10 18:20 - 00000000 ____D C:\Users\start\Desktop\MUSIK ISA
2013-10-10 18:18 - 2013-10-10 18:18 - 100305510 _____ C:\Windows\SysWOW64\⾋D
2013-10-10 18:17 - 2013-10-10 18:17 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-10 14:05 - 2013-10-10 14:05 - 00002094 _____ C:\Users\start\Desktop\Avira Free Antivirus Profil Local drives.LNK
2013-10-10 12:22 - 2013-10-10 12:22 - 00000000 ____D C:\Users\start\AppData\Roaming\Avira
2013-10-10 12:16 - 2013-10-10 12:16 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-10 12:16 - 2013-10-10 12:16 - 00000000 ____D C:\ProgramData\Avira
2013-10-10 12:16 - 2013-10-10 12:16 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-10 12:16 - 2013-10-10 12:15 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-10 12:16 - 2013-10-10 12:15 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-10 12:16 - 2013-10-10 12:15 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-10 12:00 - 2013-10-10 12:00 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-10-10 11:58 - 2013-10-10 18:03 - 00001828 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2013-10-10 11:58 - 2013-10-10 17:58 - 00001290 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job
2013-10-10 11:58 - 2013-10-10 17:58 - 00001196 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
2013-10-10 11:58 - 2013-10-10 17:58 - 00001094 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job
2013-10-10 11:58 - 2013-10-10 11:58 - 00004320 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-updater
2013-10-10 11:58 - 2013-10-10 11:58 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-codedownloader
2013-10-10 11:58 - 2013-10-10 11:58 - 00004124 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-enabler
2013-10-10 11:58 - 2013-10-10 11:58 - 00000000 ____D C:\Users\start\AppData\Roaming\Windows Net Data
2013-10-10 11:58 - 2013-10-10 11:58 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-10-10 11:28 - 2013-10-10 12:48 - 00000000 ____D C:\Users\start\AppData\Local\DownloadGuide
2013-10-10 11:26 - 2013-10-10 11:26 - 00460552 _____ C:\Users\start\Downloads\Avira-Free-AntiVir_Setup_Download.exe
2013-10-09 21:13 - 2013-10-09 21:13 - 00000000 _____ C:\autoexec.bat
2013-10-09 21:12 - 2013-10-09 21:12 - 00003328 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-10-09 21:12 - 2013-10-09 21:12 - 00002254 _____ C:\Users\start\Desktop\SpyHunter.lnk
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\Users\start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\sh4ldr
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-09 21:12 - 2012-06-22 12:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2013-10-09 21:11 - 2013-10-09 21:12 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-09 20:50 - 2013-10-09 20:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\start\Downloads\SpyHunter-Installer.exe
2013-10-09 20:38 - 2013-10-09 20:38 - 02347384 _____ (ESET) C:\Users\start\Downloads\esetsmartinstaller_enu.exe
2013-10-09 20:38 - 2013-10-09 20:38 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-09 19:04 - 2013-10-09 19:04 - 00001103 _____ C:\Users\start\Desktop\EINSATZWAGEN 20-20. Der Polizei-Simulator.lnk
2013-10-09 19:02 - 2013-10-09 19:03 - 00000000 ____D C:\Program Files (x86)\PolizeiSimulator
2013-10-09 18:41 - 2013-10-09 18:41 - 00002146 _____ C:\Users\Public\Desktop\RollerCoaster Tycoon 2.lnk
2013-10-09 18:41 - 2013-10-09 18:41 - 00000000 ____D C:\Users\start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-09 18:32 - 2013-10-09 18:32 - 00000000 ____D C:\Program Files (x86)\Infogrames
2013-10-09 15:55 - 2013-10-09 15:55 - 00042492 _____ C:\Users\start\Downloads\Extras.Txt
2013-10-09 15:54 - 2013-10-09 15:54 - 00086788 _____ C:\Users\start\Downloads\OTL.Txt
2013-10-09 15:46 - 2013-10-09 15:46 - 00602112 _____ (OldTimer Tools) C:\Users\start\Downloads\OTL.exe
2013-10-09 15:37 - 2013-10-09 15:37 - 00000000 ____D C:\Users\start\AppData\Roaming\InstallShield
2013-10-09 15:33 - 2013-10-09 15:33 - 00002970 _____ C:\Windows\System32\Tasks\{F76968B7-B33A-4ADE-9C80-04A3EB0542B0}
2013-10-09 15:33 - 2013-10-09 15:33 - 00002970 _____ C:\Windows\System32\Tasks\{B06C6EAB-DD35-4AC5-B642-6160D06B6509}
2013-10-09 15:33 - 2013-10-09 15:33 - 00000000 ____D C:\Users\start\AppData\Local\Apps\2.0
2013-10-09 14:58 - 2013-10-09 14:58 - 00723280 _____ C:\Windows\Minidump\100913-19578-01.dmp
2013-10-08 20:12 - 2013-10-08 20:12 - 01160856 _____ C:\Users\start\Downloads\need for speed world setup(1).exe
2013-10-08 20:11 - 2013-10-08 20:11 - 01160856 _____ C:\Users\start\Downloads\need for speed world setup.exe
2013-10-08 19:53 - 2013-10-08 19:54 - 06397232 _____ (Electronic Arts ) C:\Users\start\Downloads\need-for-speed-world.exe
2013-10-05 15:28 - 2013-10-10 18:17 - 00000000 ____D C:\Users\start\Desktop\Musik
2013-10-02 12:19 - 2013-10-02 12:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 00:35 - 2013-09-18 00:35 - 01536828 _____ C:\Users\start\Downloads\1000spins(1).exe
2013-09-18 00:28 - 2013-09-18 00:28 - 01442140 _____ C:\Users\start\Downloads\1000spins.exe
==================== One Month Modified Files and Folders =======
2013-10-10 20:45 - 2012-05-17 16:35 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000UA.job
2013-10-10 20:44 - 2013-10-10 20:44 - 00000000 ____D C:\FRST
2013-10-10 20:43 - 2013-10-10 20:43 - 01954124 _____ (Farbar) C:\Users\start\Downloads\FRST64.exe
2013-10-10 20:41 - 2013-10-10 20:41 - 01087213 _____ (Farbar) C:\Users\start\Downloads\FRST.exe
2013-10-10 20:34 - 2009-07-14 06:45 - 00017040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-10 20:34 - 2009-07-14 06:45 - 00017040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-10 20:27 - 2012-03-27 19:27 - 01993360 _____ C:\Windows\WindowsUpdate.log
2013-10-10 19:54 - 2013-08-26 12:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-10 19:34 - 2010-11-21 08:22 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-10-10 19:34 - 2010-11-21 08:22 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-10-10 19:34 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 18:57 - 2013-08-27 16:31 - 00000000 ____D C:\Program Files (x86)\Tepfel
2013-10-10 18:26 - 2009-07-14 06:51 - 00070103 _____ C:\Windows\setupact.log
2013-10-10 18:20 - 2013-10-10 18:18 - 00000000 ____D C:\Users\start\Desktop\MUSIK ISA
2013-10-10 18:18 - 2013-10-10 18:18 - 100305510 _____ C:\Windows\SysWOW64\⾋D
2013-10-10 18:17 - 2013-10-10 18:17 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-10 18:17 - 2013-10-05 15:28 - 00000000 ____D C:\Users\start\Desktop\Musik
2013-10-10 18:09 - 2013-03-14 18:51 - 00000000 ____D C:\Users\start\AppData\Local\VirtualStore
2013-10-10 18:03 - 2013-10-10 11:58 - 00001828 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2013-10-10 17:58 - 2013-10-10 11:58 - 00001290 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job
2013-10-10 17:58 - 2013-10-10 11:58 - 00001196 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
2013-10-10 17:58 - 2013-10-10 11:58 - 00001094 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job
2013-10-10 15:01 - 2013-08-27 16:31 - 00000276 _____ C:\Windows\Tasks\PC Performer_DEFAULT.job
2013-10-10 14:36 - 2013-08-27 16:31 - 00003118 _____ C:\Windows\System32\Tasks\PC Performer
2013-10-10 14:33 - 2010-11-21 05:47 - 00128150 _____ C:\Windows\PFRO.log
2013-10-10 14:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 14:05 - 2013-10-10 14:05 - 00002094 _____ C:\Users\start\Desktop\Avira Free Antivirus Profil Local drives.LNK
2013-10-10 12:48 - 2013-10-10 11:28 - 00000000 ____D C:\Users\start\AppData\Local\DownloadGuide
2013-10-10 12:22 - 2013-10-10 12:22 - 00000000 ____D C:\Users\start\AppData\Roaming\Avira
2013-10-10 12:16 - 2013-10-10 12:16 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-10 12:16 - 2013-10-10 12:16 - 00000000 ____D C:\ProgramData\Avira
2013-10-10 12:16 - 2013-10-10 12:16 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-10 12:15 - 2013-10-10 12:16 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-10 12:15 - 2013-10-10 12:16 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-10 12:15 - 2013-10-10 12:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-10 12:00 - 2013-10-10 12:00 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-10-10 11:58 - 2013-10-10 11:58 - 00004320 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-updater
2013-10-10 11:58 - 2013-10-10 11:58 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-codedownloader
2013-10-10 11:58 - 2013-10-10 11:58 - 00004124 _____ C:\Windows\System32\Tasks\Plus-HD-3.8-enabler
2013-10-10 11:58 - 2013-10-10 11:58 - 00000000 ____D C:\Users\start\AppData\Roaming\Windows Net Data
2013-10-10 11:58 - 2013-10-10 11:58 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-10-10 11:26 - 2013-10-10 11:26 - 00460552 _____ C:\Users\start\Downloads\Avira-Free-AntiVir_Setup_Download.exe
2013-10-09 21:29 - 2013-08-27 15:53 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-09 21:29 - 2013-03-14 18:51 - 00000000 ___RD C:\Users\start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-09 21:13 - 2013-10-09 21:13 - 00000000 _____ C:\autoexec.bat
2013-10-09 21:12 - 2013-10-09 21:12 - 00003328 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-10-09 21:12 - 2013-10-09 21:12 - 00002254 _____ C:\Users\start\Desktop\SpyHunter.lnk
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\Users\start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\sh4ldr
2013-10-09 21:12 - 2013-10-09 21:12 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-09 21:12 - 2013-10-09 21:11 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-09 20:50 - 2013-10-09 20:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\start\Downloads\SpyHunter-Installer.exe
2013-10-09 20:38 - 2013-10-09 20:38 - 02347384 _____ (ESET) C:\Users\start\Downloads\esetsmartinstaller_enu.exe
2013-10-09 20:38 - 2013-10-09 20:38 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-09 20:22 - 2012-07-26 14:18 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-09 19:04 - 2013-10-09 19:04 - 00001103 _____ C:\Users\start\Desktop\EINSATZWAGEN 20-20. Der Polizei-Simulator.lnk
2013-10-09 19:03 - 2013-10-09 19:02 - 00000000 ____D C:\Program Files (x86)\PolizeiSimulator
2013-10-09 18:41 - 2013-10-09 18:41 - 00002146 _____ C:\Users\Public\Desktop\RollerCoaster Tycoon 2.lnk
2013-10-09 18:41 - 2013-10-09 18:41 - 00000000 ____D C:\Users\start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-09 18:32 - 2013-10-09 18:32 - 00000000 ____D C:\Program Files (x86)\Infogrames
2013-10-09 18:32 - 2012-03-30 13:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-09 17:57 - 2013-08-26 12:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 17:57 - 2013-08-26 12:46 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 17:57 - 2012-03-27 23:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 16:31 - 2013-08-27 16:31 - 00000284 _____ C:\Windows\Tasks\PC Performer_UPDATES.job
2013-10-09 15:55 - 2013-10-09 15:55 - 00042492 _____ C:\Users\start\Downloads\Extras.Txt
2013-10-09 15:54 - 2013-10-09 15:54 - 00086788 _____ C:\Users\start\Downloads\OTL.Txt
2013-10-09 15:46 - 2013-10-09 15:46 - 00602112 _____ (OldTimer Tools) C:\Users\start\Downloads\OTL.exe
2013-10-09 15:40 - 2013-08-27 16:31 - 00000000 ____D C:\Program Files (x86)\PC Performer
2013-10-09 15:37 - 2013-10-09 15:37 - 00000000 ____D C:\Users\start\AppData\Roaming\InstallShield
2013-10-09 15:33 - 2013-10-09 15:33 - 00002970 _____ C:\Windows\System32\Tasks\{F76968B7-B33A-4ADE-9C80-04A3EB0542B0}
2013-10-09 15:33 - 2013-10-09 15:33 - 00002970 _____ C:\Windows\System32\Tasks\{B06C6EAB-DD35-4AC5-B642-6160D06B6509}
2013-10-09 15:33 - 2013-10-09 15:33 - 00000000 ____D C:\Users\start\AppData\Local\Apps\2.0
2013-10-09 14:58 - 2013-10-09 14:58 - 00723280 _____ C:\Windows\Minidump\100913-19578-01.dmp
2013-10-09 14:58 - 2012-05-22 16:12 - 763881310 _____ C:\Windows\MEMORY.DMP
2013-10-09 14:58 - 2012-05-22 16:12 - 00000000 ____D C:\Windows\Minidump
2013-10-09 13:46 - 2013-08-27 21:27 - 00000000 ____D C:\Users\start\AppData\Roaming\Skype
2013-10-09 05:10 - 2012-05-17 16:35 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000Core.job
2013-10-08 20:12 - 2013-10-08 20:12 - 01160856 _____ C:\Users\start\Downloads\need for speed world setup(1).exe
2013-10-08 20:11 - 2013-10-08 20:11 - 01160856 _____ C:\Users\start\Downloads\need for speed world setup.exe
2013-10-08 19:54 - 2013-10-08 19:53 - 06397232 _____ (Electronic Arts ) C:\Users\start\Downloads\need-for-speed-world.exe
2013-10-08 17:44 - 2013-08-27 16:31 - 00000000 ____D C:\Users\start\AppData\Roaming\Tepfel
2013-10-06 20:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-06 12:36 - 2012-03-30 16:32 - 00000000 __SHD C:\Windows\SysWOW64\MPK
2013-10-05 11:18 - 2013-06-22 12:35 - 00000000 ____D C:\Users\start\AppData\Local\PokerStars.NET
2013-10-05 11:18 - 2012-06-19 11:20 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-05 11:18 - 2012-04-25 01:01 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2013-10-05 11:17 - 2013-08-27 15:52 - 00000000 ____D C:\Users\start\AppData\Roaming\Systweak
2013-10-03 12:31 - 2012-05-02 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 19:03 - 2013-05-29 15:51 - 00000000 ____D C:\Users\start\AppData\Local\Mozilla
2013-10-02 12:19 - 2013-10-02 12:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 00:35 - 2013-09-18 00:35 - 01536828 _____ C:\Users\start\Downloads\1000spins(1).exe
2013-09-18 00:28 - 2013-09-18 00:28 - 01442140 _____ C:\Users\start\Downloads\1000spins.exe
Some content of TEMP:
====================
C:\Users\Laptop\AppData\Local\Temp\card_setup.exe
C:\Users\Laptop\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Laptop\AppData\Local\Temp\CT2438727_ie.exe
C:\Users\Laptop\AppData\Local\Temp\Shortcut_sweetimsetup.exe
C:\Users\Laptop\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Laptop\AppData\Local\Temp\xmlUpdater.exe
C:\Users\start\AppData\Local\Temp\BackupSetup.exe
C:\Users\start\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\start\AppData\Local\Temp\CmdLineExt01.dll
C:\Users\start\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\start\AppData\Local\Temp\MybabylonTB.exe
C:\Users\start\AppData\Local\Temp\propsys.dll
C:\Users\start\AppData\Local\Temp\SHSetup.exe
C:\Users\start\AppData\Local\Temp\SIntf16.dll
C:\Users\start\AppData\Local\Temp\SIntf32.dll
C:\Users\start\AppData\Local\Temp\SIntfNT.dll
C:\Users\start\AppData\Local\Temp\tbZyng.dll
C:\Users\start\AppData\Local\Temp\uninst1.exe
C:\Users\start\AppData\Local\Temp\vcredist_x64.exe
C:\Users\start\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 13:30
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
Addition.txt:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by start at 2013-10-10 20:45:50
Running from C:\Users\start\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.3) - Deutsch (x32 Version: 10.1.3)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Badoo Desktop (x32 Version: 1.6.48.1082)
BlueGriffon version 1.5.2 (x32 Version: 1.5.2)
Druckerdeinstallation für EPSON SX600FW Series
EINSATZWAGEN 20/20. Der Polizei-Simulator (x32)
Epson Event Manager (x32 Version: 2.01.00)
ESET Online Scanner v3 (x32)
Exif-Viewer 2.51 (x32 Version: 2.51)
GNUmed-client 1.2.0 (x32 Version: 1.2.0)
GrabIt 1.7.2 Beta 6 (build 1008) (x32)
Iminent (x32 Version: 6.37.21.0)
Intel PROSet Wireless
Intel(R) Processor Graphics (x32 Version: 8.15.10.2291)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096)
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830)
KeePass Password Safe 2.19 (x32)
Med7 (x32 Version: 7.86.0004)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mobile Connection Manager (x32)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Notepad++ (x32 Version: 6.1.2)
NVIDIA Grafiktreiber 268.56 (Version: 268.56)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA Optimus 1.0.22 (Version: 1.0.22)
NVIDIA Systemsteuerung 268.56 (Version: 268.56)
NVIDIA Update Components (Version: 1.0.22)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Performer (x32 Version: 11.10)
Photomizer (x32 Version: 1.0.10.1236)
Picasa 3 (x32 Version: 3.8)
Plus-HD-3.8 (x32 Version: 1.27.153.11)
PokerStars.net (x32)
QuickPar 0.9 (x32 Version: 0.9)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10001)
RollerCoaster Tycoon 2 (x32)
Skype Click to Call (x32 Version: 6.1.10441)
Skype™ 6.6 (x32 Version: 6.6.106)
SpyHunter (Version: 4.15.1.4270)
UnLock Root 2.31 (x32 Version: 2.31)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
USB2.0 UVC VGA WebCam (Version: 5.8.55133.208)
VIS (x32)
Web-Cake 3.00 (Version: 3.00)
webcam 7 (x32 Version: 0.9.9.43)
WinHTTrack Website Copier 3.46-1 (x32 Version: 3.46.1)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
Wireshark 1.6.7 (32-bit) (x32 Version: 1.6.7)
ZTE USB Driver (Version: 1.0.1.25_TME)
==================== Restore Points =========================
28-08-2013 12:45:11 Removed 7-Zip 9.20 (x64 edition)
28-08-2013 13:29:11 Removed SweetIM for Messenger 3.7
11-09-2013 09:02:25 Geplanter Prüfpunkt
18-09-2013 09:11:23 Geplanter Prüfpunkt
26-09-2013 10:41:01 Geplanter Prüfpunkt
05-10-2013 09:16:00 Removed Internet Explorer Toolbar 4.6 by SweetPacks
05-10-2013 09:17:43 Removed Update Manager for SweetPacks 1.0
05-10-2013 09:18:09 Removed Update Manager for SweetPacks 1.0
06-10-2013 09:09:05 Windows Defender Checkpoint
09-10-2013 13:38:09 KingBill 2010 wird entfernt
09-10-2013 16:31:58 Installiert RollerCoaster Tycoon 2
09-10-2013 19:11:58 Installed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {050A9596-B324-48B7-ADCA-785364EE1B83} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {171B8802-8164-40DF-BB12-2A283EB8FB21} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {17D60AEE-E40F-4A69-8B5E-F758A07313F4} - System32\Tasks\{B06C6EAB-DD35-4AC5-B642-6160D06B6509} => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {1E979F66-D8A7-428E-9D99-E8794C2A7250} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {271CF7CB-0A8F-4BE6-ABBD-6350470BA7D2} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-10-10] (Plus HD)
Task: {6B6BAD3F-C66E-4FBA-BFF7-67EF5F1F34FC} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {7FA55C85-6F01-45FC-9873-5CE10CD33D6F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000Core => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-17] (Google Inc.)
Task: {936178D3-9A34-431D-ABDA-A76B1B084323} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000UA => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-17] (Google Inc.)
Task: {A4D747F8-F660-49B0-A9BE-40FE61B6E4F8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2013-07-17] (Enigma Software Group USA, LLC.)
Task: {A76C6FFA-9053-45AA-84D5-484A5D3F6CDE} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-10-10] (Plus HD)
Task: {B870E2A5-BEF0-4124-A7E9-4C805DCA0FAE} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-10-10] (Plus HD)
Task: {BCF28FCC-C2E0-4081-B225-DB9722069D44} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-PC-Laptop => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D14D7A95-AA69-4F03-B2B4-359DB654EF0A} - System32\Tasks\{F76968B7-B33A-4ADE-9C80-04A3EB0542B0} => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {FB9D561B-0F19-41EC-AC23-2EB687A1B2AA} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-10-10] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000Core.job => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000UA.job => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-enabler.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-updater.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe
==================== Loaded Modules (whitelisted) =============
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-01-27 08:11 - 2011-01-27 08:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-10 12:16 - 2013-10-10 12:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-02 12:19 - 2013-10-02 12:19 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 17:57 - 2013-10-09 17:57 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/10/2013 08:42:16 PM) (Source: Application Hang) (User: )
Description: Programm rct2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1260
Startzeit: 01cec5c002ecef8f
Endzeit: 9
Anwendungspfad: C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
Berichts-ID:
Error: (10/10/2013 02:34:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 11:28:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/10/2013 11:20:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:02:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:58:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:56:37 PM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
Error: (10/09/2013 09:56:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
0x8007043C
Error: (10/09/2013 09:55:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 08:38:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (10/10/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (10/10/2013 02:35:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 02:33:29 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.10.2013 um 14:26:59 unerwartet heruntergefahren.
Error: (10/10/2013 11:21:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 11:20:08 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.10.2013 um 11:18:04 unerwartet heruntergefahren.
Error: (10/10/2013 09:02:45 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 09:01:15 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 09.10.2013 um 22:16:17 unerwartet heruntergefahren.
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (10/10/2013 08:42:16 PM) (Source: Application Hang)(User: )
Description: rct2.exe0.0.0.0126001cec5c002ecef8f9C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
Error: (10/10/2013 02:34:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 11:28:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\start\Downloads\esetsmartinstaller_enu.exe
Error: (10/10/2013 11:20:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:02:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:58:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:56:37 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001
Error: (10/09/2013 09:56:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007043C
Error: (10/09/2013 09:55:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 08:38:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\start\Downloads\esetsmartinstaller_enu.exe
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 8103.77 MB
Available physical RAM: 5075.49 MB
Total Pagefile: 16205.73 MB
Available Pagefile: 12581.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.89 GB) (Free:130.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RCT2) (CDROM) (Total:0.67 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 49021280)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- ---
Addition.txt:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by start at 2013-10-10 20:45:50
Running from C:\Users\start\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.3) - Deutsch (x32 Version: 10.1.3)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Badoo Desktop (x32 Version: 1.6.48.1082)
BlueGriffon version 1.5.2 (x32 Version: 1.5.2)
Druckerdeinstallation für EPSON SX600FW Series
EINSATZWAGEN 20/20. Der Polizei-Simulator (x32)
Epson Event Manager (x32 Version: 2.01.00)
ESET Online Scanner v3 (x32)
Exif-Viewer 2.51 (x32 Version: 2.51)
GNUmed-client 1.2.0 (x32 Version: 1.2.0)
GrabIt 1.7.2 Beta 6 (build 1008) (x32)
Iminent (x32 Version: 6.37.21.0)
Intel PROSet Wireless
Intel(R) Processor Graphics (x32 Version: 8.15.10.2291)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096)
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830)
KeePass Password Safe 2.19 (x32)
Med7 (x32 Version: 7.86.0004)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mobile Connection Manager (x32)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Notepad++ (x32 Version: 6.1.2)
NVIDIA Grafiktreiber 268.56 (Version: 268.56)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA Optimus 1.0.22 (Version: 1.0.22)
NVIDIA Systemsteuerung 268.56 (Version: 268.56)
NVIDIA Update Components (Version: 1.0.22)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Performer (x32 Version: 11.10)
Photomizer (x32 Version: 1.0.10.1236)
Picasa 3 (x32 Version: 3.8)
Plus-HD-3.8 (x32 Version: 1.27.153.11)
PokerStars.net (x32)
QuickPar 0.9 (x32 Version: 0.9)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10001)
RollerCoaster Tycoon 2 (x32)
Skype Click to Call (x32 Version: 6.1.10441)
Skype™ 6.6 (x32 Version: 6.6.106)
SpyHunter (Version: 4.15.1.4270)
UnLock Root 2.31 (x32 Version: 2.31)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
USB2.0 UVC VGA WebCam (Version: 5.8.55133.208)
VIS (x32)
Web-Cake 3.00 (Version: 3.00)
webcam 7 (x32 Version: 0.9.9.43)
WinHTTrack Website Copier 3.46-1 (x32 Version: 3.46.1)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
Wireshark 1.6.7 (32-bit) (x32 Version: 1.6.7)
ZTE USB Driver (Version: 1.0.1.25_TME)
==================== Restore Points =========================
28-08-2013 12:45:11 Removed 7-Zip 9.20 (x64 edition)
28-08-2013 13:29:11 Removed SweetIM for Messenger 3.7
11-09-2013 09:02:25 Geplanter Prüfpunkt
18-09-2013 09:11:23 Geplanter Prüfpunkt
26-09-2013 10:41:01 Geplanter Prüfpunkt
05-10-2013 09:16:00 Removed Internet Explorer Toolbar 4.6 by SweetPacks
05-10-2013 09:17:43 Removed Update Manager for SweetPacks 1.0
05-10-2013 09:18:09 Removed Update Manager for SweetPacks 1.0
06-10-2013 09:09:05 Windows Defender Checkpoint
09-10-2013 13:38:09 KingBill 2010 wird entfernt
09-10-2013 16:31:58 Installiert RollerCoaster Tycoon 2
09-10-2013 19:11:58 Installed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {050A9596-B324-48B7-ADCA-785364EE1B83} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {171B8802-8164-40DF-BB12-2A283EB8FB21} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {17D60AEE-E40F-4A69-8B5E-F758A07313F4} - System32\Tasks\{B06C6EAB-DD35-4AC5-B642-6160D06B6509} => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {1E979F66-D8A7-428E-9D99-E8794C2A7250} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {271CF7CB-0A8F-4BE6-ABBD-6350470BA7D2} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-10-10] (Plus HD)
Task: {6B6BAD3F-C66E-4FBA-BFF7-67EF5F1F34FC} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {7FA55C85-6F01-45FC-9873-5CE10CD33D6F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000Core => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-17] (Google Inc.)
Task: {936178D3-9A34-431D-ABDA-A76B1B084323} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000UA => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-17] (Google Inc.)
Task: {A4D747F8-F660-49B0-A9BE-40FE61B6E4F8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2013-07-17] (Enigma Software Group USA, LLC.)
Task: {A76C6FFA-9053-45AA-84D5-484A5D3F6CDE} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-10-10] (Plus HD)
Task: {B870E2A5-BEF0-4124-A7E9-4C805DCA0FAE} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-10-10] (Plus HD)
Task: {BCF28FCC-C2E0-4081-B225-DB9722069D44} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-PC-Laptop => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D14D7A95-AA69-4F03-B2B4-359DB654EF0A} - System32\Tasks\{F76968B7-B33A-4ADE-9C80-04A3EB0542B0} => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC)
Task: {FB9D561B-0F19-41EC-AC23-2EB687A1B2AA} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-10-10] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000Core.job => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2425894881-2670551537-515043146-1000UA.job => C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-enabler.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-updater.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe
==================== Loaded Modules (whitelisted) =============
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-01-27 08:11 - 2011-01-27 08:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-10 12:16 - 2013-10-10 12:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-02 12:19 - 2013-10-02 12:19 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 17:57 - 2013-10-09 17:57 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/10/2013 08:42:16 PM) (Source: Application Hang) (User: )
Description: Programm rct2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1260
Startzeit: 01cec5c002ecef8f
Endzeit: 9
Anwendungspfad: C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
Berichts-ID:
Error: (10/10/2013 02:34:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 11:28:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/10/2013 11:20:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:02:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:58:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:56:37 PM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
Error: (10/09/2013 09:56:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
0x8007043C
Error: (10/09/2013 09:55:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 08:38:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (10/10/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (10/10/2013 02:35:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 02:33:29 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.10.2013 um 14:26:59 unerwartet heruntergefahren.
Error: (10/10/2013 11:21:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 11:20:08 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.10.2013 um 11:18:04 unerwartet heruntergefahren.
Error: (10/10/2013 09:02:45 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/10/2013 09:01:15 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 09.10.2013 um 22:16:17 unerwartet heruntergefahren.
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (10/09/2013 10:11:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (10/10/2013 08:42:16 PM) (Source: Application Hang)(User: )
Description: rct2.exe0.0.0.0126001cec5c002ecef8f9C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
Error: (10/10/2013 02:34:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 11:28:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\start\Downloads\esetsmartinstaller_enu.exe
Error: (10/10/2013 11:20:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:02:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:58:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 09:56:37 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001
Error: (10/09/2013 09:56:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007043C
Error: (10/09/2013 09:55:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 08:38:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\start\Downloads\esetsmartinstaller_enu.exe
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 8103.77 MB
Available physical RAM: 5075.49 MB
Total Pagefile: 16205.73 MB
Available Pagefile: 12581.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.89 GB) (Free:130.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RCT2) (CDROM) (Total:0.67 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 49021280)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- --- |