Hello, and thanks for the reply.
I opened the topmost log file; I think that is the most recent one, because I have a great many of them. :o Yes, the last scan turned up 4-5 detections as far as I can remember, and there are already quite a few items in my quarantine as well.
Malwarebytes: Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.07.23.05
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Hülya :: HILAL [Administrator]
Schutz: Aktiviert
23.07.2013 17:22:21
mbam-log-2013-07-23 (17-22-21).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 255766
Laufzeit: 4 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\fcn (Rogue.Residue) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\Hülya\AppData\Local\Temp\is1832903999\LyricsWoofer_1060-2021_v116.exe (PUP.LyricsAd) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\ADOBEFLASH\update.xml (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Avira: Code:
Exportierte Ereignisse:
26.12.2013 17:55 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Hülya\AppData\Roaming\eIntaller\96C9059F443440d58A5839C2A4FE6328\eXQ.e
xe'
wurde ein Virus oder unerwünschtes Programm 'TR/Kazy.271964' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2013 01
Ran by Hülya (administrator) on HILAL on 28-12-2013 14:05:14
Running from C:\Users\Hülya\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
() C:\Users\Hülya\Documents\Downloads\ASF Tool v2.2\phConnector\phConnector.exe
() C:\Users\Hülya\Documents\Downloads\ASF Tool v2.2\ASF Tool v2.2.exe
() C:\Users\Hülya\Documents\Downloads\ASF Tool v2.2\EDX Loader\edxSilkroadLoader5.exe
() C:\Users\Hülya\Documents\Downloads\QSRO_FULL_CLIENT_FUN\QSRO_FULL_CLIENT_FUN\sro_client.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\RunOnce: [Application Restart #1] - C:\Users\Hülya\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-full-history-sync --sync-keystore-encryption --flag-switches-end --restore-last-session hxxp://www.qvo6.com/?utm_source=b&utm_medium=vtt&from=vtt&uid=3219913727_67191_A449BC1C&ts=1370507438 [863184 2013-12-04] (Google Inc.)
MountPoints2: L - L:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_0e1c0cda7ae740a2a46449a4e78501fe_39_1006_20131030_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://www.facebook.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://de.rd.yahoo.com/customize/ie/defaults/su/msgr9/*hxxp://de.search.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://de.search.yahoo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_0e1c0cda7ae740a2a46449a4e78501fe_39_1006_20131030_DE_ff_sp_
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Hülya\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Hülya\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Hülya\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\foxyproxy@eric.h.jung
FF Extension: ProxTube - Unblock YouTube - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\ich@maltegoetz.de
FF Extension: Movie2kDownloader - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\movie2kdownloader@movie2kdownloader.com
FF Extension: MaggniPic - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\sxz9smga@wmiuuiaftp.edu
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Flashblock - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: Snap.Do - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{9c17b02e-f132-42cf-af8d-7cf4429bc96f}
FF Extension: Tamper Data - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF Extension: WEB.DE MailCheck - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\toolbar@web.de.xpi
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: Tamper Data - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Adblock Plus - C:\Users\Hülya\AppData\Roaming\Mozilla\Firefox\Profiles\q4dh5nth.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
Chrome:
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_0e1c0cda7ae740a2a46449a4e78501fe_39_1006_20131030_DE_cr_sp_
CHR RestoreOnStartup: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_0e1c0cda7ae740a2a46449a4e78501fe_39_1006_20131030_DE_cr_sp_"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\H\u00FClya\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\H\u00FClya\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\H\u00FClya\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AdobeExManDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Picasa2\npPicasa3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\H\u00FClya\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Facebook Plugin) - C:\Users\H\u00FClya\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\31.8_0
CHR Extension: (WOT) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.4.4_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (AdBlock) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (DVDVideoSoft) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Google Wallet) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Hülya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-25] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1ca2757c70758c8; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-08-27] (Google Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-16] (Nero AG)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4303928 2011-04-24] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [79872 2010-09-07] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-03] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-10] (Anchorfree Inc.)
S3 dump_wmimmc; \??\C:\Users\Hülya\Desktop\EliteSRO_Client_v1.037\NewEliteSRO\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 Netaapl; system32\DRIVERS\netaapl64.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-28 14:03 - 2013-12-28 14:03 - 00000674 _____ C:\Users\Hülya\Documents\Ereignisse.txt
2013-12-26 18:41 - 2013-12-26 18:41 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-26 18:36 - 2013-12-26 18:41 - 00000000 ____D C:\ProgramData\Oracle
2013-12-26 18:35 - 2013-12-26 18:36 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-26 18:25 - 2013-12-26 18:26 - 00009272 _____ C:\Windows\PFRO.log
2013-12-26 17:25 - 2013-12-26 17:25 - 00041788 _____ C:\Users\Hülya\Documents\cc_20131226_172534.reg
2013-12-26 16:55 - 2013-12-26 16:55 - 00003202 _____ C:\Windows\System32\Tasks\{7959D8E5-E327-4047-BF9C-D8511CABF2C5}
2013-12-16 16:10 - 2013-12-26 17:08 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\Users\Hülya\AppData\Local\Wondershare
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\ProgramData\Wondershare
2013-12-16 00:00 - 2013-11-15 03:09 - 17847296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-16 00:00 - 2013-11-15 02:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-16 00:00 - 2013-11-15 02:37 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-16 00:00 - 2013-11-15 02:29 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-16 00:00 - 2013-11-15 02:29 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-16 00:00 - 2013-11-15 02:28 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-16 00:00 - 2013-11-15 02:28 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-16 00:00 - 2013-11-15 02:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-16 00:00 - 2013-11-15 02:22 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-16 00:00 - 2013-11-15 02:20 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-16 00:00 - 2013-11-15 02:20 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-16 00:00 - 2013-11-15 02:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-16 00:00 - 2013-11-15 02:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-16 00:00 - 2013-11-15 02:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-16 00:00 - 2013-11-15 02:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-16 00:00 - 2013-11-15 02:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-16 00:00 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-16 00:00 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-16 00:00 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-16 00:00 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-16 00:00 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-16 00:00 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-16 00:00 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-16 00:00 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-16 00:00 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-16 00:00 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-16 00:00 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-16 00:00 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-16 00:00 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-16 00:00 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-16 00:00 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-16 00:00 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-15 23:07 - 2013-10-30 03:10 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-15 23:07 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-15 23:07 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-15 23:07 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-15 23:07 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-15 23:07 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-15 23:07 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-15 23:07 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-15 23:07 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-15 23:07 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2013-12-15 23:07 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-15 23:07 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-15 23:06 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-15 23:06 - 2013-10-30 04:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-15 23:06 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 20:48 - 2013-12-10 20:48 - 00000000 ____D C:\Users\Hülya\AppData\Local\Flash Player
==================== One Month Modified Files and Folders =======
2013-12-28 14:03 - 2013-12-28 14:03 - 00000674 _____ C:\Users\Hülya\Documents\Ereignisse.txt
2013-12-28 13:55 - 2009-08-27 22:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-28 13:53 - 2011-05-23 04:31 - 00003678 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{73FBE19C-22A9-493B-922F-A6254C6FC367}
2013-12-28 13:30 - 2012-08-02 05:44 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000UA.job
2013-12-28 13:19 - 2012-08-08 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 13:10 - 2006-11-02 16:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-28 13:10 - 2006-11-02 16:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-28 12:29 - 2009-06-02 16:34 - 01536770 _____ C:\Windows\WindowsUpdate.log
2013-12-28 12:25 - 2013-06-25 13:19 - 00000080 _____ C:\Users\Hülya\AppData\Roaming\mBot.ini
2013-12-28 11:10 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 01:28 - 2009-06-20 07:49 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-28 01:28 - 2006-11-02 16:42 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-27 23:30 - 2012-08-02 05:44 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000Core.job
2013-12-26 18:41 - 2013-12-26 18:41 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-26 18:41 - 2013-12-26 18:41 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-26 18:41 - 2013-12-26 18:36 - 00000000 ____D C:\ProgramData\Oracle
2013-12-26 18:41 - 2009-06-25 20:00 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-26 18:36 - 2013-12-26 18:35 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-26 18:26 - 2013-12-26 18:25 - 00009272 _____ C:\Windows\PFRO.log
2013-12-26 18:26 - 2006-11-02 16:21 - 04917216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-26 17:34 - 2010-03-09 12:28 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\vlc
2013-12-26 17:33 - 2009-06-02 19:27 - 00155136 _____ C:\Users\Hülya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 17:33 - 2008-01-21 12:10 - 01560216 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 17:33 - 2008-01-21 12:09 - 00671440 _____ C:\Windows\system32\perfh007.dat
2013-12-26 17:33 - 2008-01-21 12:09 - 00144608 _____ C:\Windows\system32\perfc007.dat
2013-12-26 17:30 - 2013-02-04 15:09 - 00000000 ____D C:\Users\Hülya\Desktop\Kerim
2013-12-26 17:25 - 2013-12-26 17:25 - 00041788 _____ C:\Users\Hülya\Documents\cc_20131226_172534.reg
2013-12-26 17:23 - 2010-01-26 15:50 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\uTorrent
2013-12-26 17:18 - 2013-06-03 19:33 - 00000778 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-26 17:18 - 2013-06-03 19:33 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 17:15 - 2013-06-11 20:48 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 17:12 - 2013-10-30 13:51 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\Systweak
2013-12-26 17:12 - 2009-01-26 11:51 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-12-26 17:09 - 2013-10-30 13:52 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-26 17:09 - 2009-06-02 16:41 - 00000000 ___RD C:\Users\Hülya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-26 17:08 - 2013-12-16 16:10 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-12-26 17:08 - 2009-06-02 16:41 - 00072464 _____ C:\Users\Hülya\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-26 17:08 - 2009-06-02 16:39 - 00000000 ____D C:\Users\Hülya
2013-12-26 17:04 - 2009-10-17 05:44 - 00000000 ____D C:\ProgramData\VistaCodecs
2013-12-26 17:03 - 2009-06-02 16:41 - 00000000 ____D C:\Users\Hülya\AppData\Local\Google
2013-12-26 17:03 - 2009-01-26 11:51 - 00000000 ____D C:\Windows\SysWOW64\MAGIX
2013-12-26 17:01 - 2011-11-20 10:56 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\Apple Computer
2013-12-26 16:55 - 2013-12-26 16:55 - 00003202 _____ C:\Windows\System32\Tasks\{7959D8E5-E327-4047-BF9C-D8511CABF2C5}
2013-12-26 16:55 - 2011-03-05 11:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-26 16:53 - 2009-06-02 17:38 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\Adobe
2013-12-26 16:52 - 2009-01-26 11:50 - 00000000 ____D C:\ProgramData\Adobe
2013-12-26 16:44 - 2009-09-11 20:13 - 00000000 ____D C:\Program Files (x86)\DivX
2013-12-26 16:43 - 2013-10-20 09:17 - 00000000 ____D C:\Users\UpdatusUser\Desktop\DigitalAudioCenter 5
2013-12-26 16:43 - 2013-10-20 09:17 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigitalAudioCenter 5
2013-12-26 16:43 - 2013-10-20 09:17 - 00000000 ____D C:\DAC5
2013-12-26 16:39 - 2013-10-30 13:53 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-12-26 02:00 - 2009-06-05 19:35 - 00000000 ____D C:\Users\Hülya\AppData\Local\Adobe
2013-12-25 20:25 - 2013-08-10 00:59 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-25 20:25 - 2013-08-10 00:59 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-25 20:25 - 2013-08-10 00:59 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-16 16:38 - 2009-06-07 12:48 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\dvdcss
2013-12-16 16:29 - 2013-04-06 13:55 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\WindSolutions
2013-12-16 16:29 - 2013-04-06 13:55 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\Users\Hülya\AppData\Local\Wondershare
2013-12-16 16:10 - 2013-12-16 16:10 - 00000000 ____D C:\ProgramData\Wondershare
2013-12-16 15:16 - 2009-01-26 11:47 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-16 07:48 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\Msdtc
2013-12-16 07:48 - 2006-11-02 14:33 - 00000000 __RSD C:\Windows\Media
2013-12-16 07:48 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\registration
2013-12-16 07:48 - 2006-11-02 13:33 - 84672512 _____ C:\Windows\system32\config\software_previous
2013-12-16 07:48 - 2006-11-02 13:33 - 29360128 _____ C:\Windows\system32\config\system_previous
2013-12-16 07:33 - 2006-11-02 13:33 - 56360960 _____ C:\Windows\system32\config\components_previous
2013-12-16 07:33 - 2006-11-02 13:33 - 00057344 _____ C:\Windows\system32\config\sam_previous
2013-12-16 00:00 - 2013-07-22 14:52 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 23:58 - 2006-11-02 13:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-15 23:25 - 2012-08-02 05:44 - 00004004 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000UA
2013-12-15 23:25 - 2012-08-02 05:44 - 00003608 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000Core
2013-12-15 22:25 - 2006-11-02 13:33 - 00524288 _____ C:\Windows\system32\config\default_previous
2013-12-15 22:25 - 2006-11-02 13:33 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-12-10 21:27 - 2012-08-02 05:45 - 00002040 _____ C:\Users\Hülya\Desktop\Google Chrome.lnk
2013-12-10 21:19 - 2012-08-08 12:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 21:19 - 2012-08-08 12:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:19 - 2012-08-08 12:07 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 20:55 - 2010-03-11 17:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ca6e9e9fbca2ec.job
2013-12-10 20:50 - 2010-03-11 17:56 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ca6e9e9fbca2ec
2013-12-10 20:50 - 2009-08-27 22:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-10 20:48 - 2013-12-10 20:48 - 00000000 ____D C:\Users\Hülya\AppData\Local\Flash Player
2013-12-08 22:45 - 2010-09-10 20:20 - 00000000 ____D C:\ProgramData\Skype
2013-12-08 22:28 - 2010-09-10 20:22 - 00000000 ____D C:\Users\Hülya\AppData\Roaming\Skype
Files to move or delete:
====================
C:\Users\Hülya\AppData\Roaming\mBot.ini
C:\Users\Hülya\steam.REG
C:\Users\Public\AlexaNSISPlugin.1604.dll
Some content of TEMP:
====================
C:\Users\Hülya\AppData\Local\Temp\0WKkl3ynen0SEuP4.dll
C:\Users\Hülya\AppData\Local\Temp\1iT3Mv90MGX2UTyc.dll
C:\Users\Hülya\AppData\Local\Temp\8VbP864U58N41JI8.dll
C:\Users\Hülya\AppData\Local\Temp\aFYkZ0z2499xKA4o.dll
C:\Users\Hülya\AppData\Local\Temp\avgnt.exe
C:\Users\Hülya\AppData\Local\Temp\Dts1boJ66dKh55U5.dll
C:\Users\Hülya\AppData\Local\Temp\IgF30Ksm9X4f3rnm.dll
C:\Users\Hülya\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Hülya\AppData\Local\Temp\oaI6WaU2TiQDiUHV.dll
C:\Users\Hülya\AppData\Local\Temp\pR192I5hVDJ93bq4.dll
C:\Users\Hülya\AppData\Local\Temp\pX686zoTBGRytZqu.dll
C:\Users\Hülya\AppData\Local\Temp\TdwtazkHWRKVWMc6.dll
C:\Users\Hülya\AppData\Local\Temp\unwise.exe
C:\Users\Hülya\AppData\Local\Temp\X6L64710bBd21D4R.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-28 11:17
==================== End Of Log ============================
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2013 01
Ran by Hülya at 2013-12-28 14:07:50
Running from C:\Users\Hülya\Documents\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.1.30017)
Adobe Acrobat XI Pro (x32 Version: 11.0.05)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Download Assistant (x32 Version: 1.2.6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Advertising Center (x32 Version: 0.0.0.1)
AllMedia Grabber (x32 Version: 3.0)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
AVS Update Manager 1.0 (x32)
AVS Video Converter 6 (x32)
CCleaner (Version: 4.09)
Cheat Engine 6.2 (x32)
CPUID CPU-Z 1.65.0
DivX-Setup (x32 Version: 2.6.1.9)
Favorit (x32)
FileHippo.com Update Checker (x32)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.0.1.13)
FoxyTunes for Firefox (x32)
Free YouTube Download version 3.2.14.1022 (x32 Version: 3.2.14.1022)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Update Helper (x32 Version: 1.3.22.3)
HiJackThis (x32 Version: 1.0.0)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.003)
HTC Sync (x32 Version: 3.0.5439)
ImgBurn (x32 Version: 2.5.5.0)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
MAGIX Media Suite 1.12.0.89 (D) (x32 Version: 1.12.0.89)
MAGIX Online Druck Service 2.3.2.0 (D) (x32 Version: 2.3.2.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Silverlight (x32 Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 8 Essentials (x32 Version: 8.0.287)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero Installer (x32 Version: 2.0.0.1)
Nero Move it (x32 Version: 1.2.0.0)
Nero Move it Essentials (x32)
Nero Move it Help (x32 Version: 1.0.0.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA Drivers
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
PhotoScape (x32)
PowerISO (x32 Version: 5.6)
Ralink Wireless LAN (x32 Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5772)
Serif PhotoPlus X2 (x32 Version: 12.0.3.013)
Snap.Do (x32 Version: 1.6.1.936)
StarOffice 8 (x32 Version: 8.00.9073)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab CYRI (x32 Version: 6.0.3.0)
TeamSpeak 3 Client (Version: 3.0.13)
Uniblue DriverScanner (x32 Version: 4.0.9.10)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 1.0.1 (x32 Version: 1.0.1)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR (x32)
WinRAR archiver
==================== Restore Points =========================
25-12-2013 18:38:18 Geplanter Prüfpunkt
26-12-2013 15:39:58 Removed Apple Application Support
26-12-2013 15:42:11 Removed Apple Mobile Device Support
26-12-2013 15:43:02 Removed Bonjour
26-12-2013 15:44:36 Removed Energy Settings
26-12-2013 15:44:56 Removed Facebook Video Calling 1.2.0.159
26-12-2013 15:57:20 OpenOffice.org 3.4.1 wird entfernt
26-12-2013 16:04:30 Removed Vista Codec Package.
26-12-2013 16:07:04 Steam wird entfernt
26-12-2013 16:09:58 Removed Snap.Do
26-12-2013 16:10:40 Removed SystemDiagnostics
26-12-2013 16:12:54 Removed Snap.Do
26-12-2013 16:16:38 O&O UnErase wurde entfernt.
26-12-2013 17:34:41 Installed Java 7 Update 45
26-12-2013 17:39:58 Removed Java 7 Update 45
26-12-2013 17:40:51 Installed Java 7 Update 45
27-12-2013 16:33:04 Geplanter Prüfpunkt
28-12-2013 10:25:27 Installed Microsoft Fix it 50131
==================== Hosts content: ==========================
2006-11-02 13:34 - 2013-07-22 18:42 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {060212D7-02DB-4F1C-975B-EFE0B52CD204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {14A0A077-ADC5-49E7-8C77-30D5D4DEA9FF} - System32\Tasks\EPUpdater => C:\Users\HLYA~1\AppData\Roaming\BabSolution\Shared\BabMaint.exe <==== ATTENTION
Task: {373261AC-0B17-488C-8C44-9B2BF414530F} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-09-08] ()
Task: {3DDA11AC-8C84-46A3-9C0A-BF9E01231B87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {4133E96C-A2FA-44D5-B401-2FB1671FB1E8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {4AC9B8B1-7B49-4508-886D-4DF2971628E4} - System32\Tasks\Funmoods => C:\Users\HLYA~1\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: {62C5D1D7-64AC-46A2-891F-B2EB7E46B1FA} - System32\Tasks\GoogleUpdateTaskMachineCore1ca6e9e9fbca2ec => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-08-27] (Google Inc.)
Task: {65800F57-2E6A-4524-88DC-71C20E3453CE} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe
Task: {66813B4D-BC3A-4027-8507-15C307CF9260} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000UA => C:\Users\Hülya\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26] (Google Inc.)
Task: {6F9F0EF4-E4E8-4256-8D10-5519A44DC782} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {98A7553D-4865-488D-BC53-78D8B9C6E0C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000Core => C:\Users\Hülya\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26] (Google Inc.)
Task: {A42FDD8B-D460-48AE-9A08-D62BDA9EDC2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-08-27] (Google Inc.)
Task: {BF303D69-5124-46F9-A389-1263007CAA9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {E1BC9206-EEC8-485B-8DEA-7AE64879C91D} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F4643434-77A7-4651-B93B-6949EB4BC4B0} - System32\Tasks\{F519264A-125C-481E-A737-846CD80B4039} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ca6e9e9fbca2ec.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000Core.job => C:\Users\Hülya\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855266115-2364823348-2159012807-1000UA.job => C:\Users\Hülya\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-01-15 16:57 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRARr\rarext.dll
2013-08-10 00:59 - 2013-08-08 22:06 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-12-10 21:27 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\Hülya\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-10 21:27 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\Hülya\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-10 21:27 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\Hülya\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-10 21:27 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\Hülya\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-10 21:27 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\Hülya\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-27 16:19 - 2010-08-24 21:48 - 00295936 _____ () C:\Users\Hülya\Documents\Downloads\ASF Tool v2.2\EDX Loader\edxSilkroadDll5.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Hülya:zylomtest
AlternateDataStreams: C:\Users\Hülya:zylomtr{00013KEU-UKQE-K6V0-9MH3-29NVUQ9IEVUE}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VP0}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VST}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-28M5NPU00VPF}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG3-8AT4-258NF6K78VST}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG4-5TO3-2831TOKLCVUL}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVIG}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVVG}
AlternateDataStreams: C:\Users\Hülya:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVTT}
AlternateDataStreams: C:\ProgramData\TEMP:5F538558
AlternateDataStreams: C:\ProgramData\TEMP:9B750A13
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/28/2013 11:11:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 06:45:08 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 1325. "{DefaultProfilesFolder}" ist kein gültiger kurzer Dateiname.
Error: (12/27/2013 04:18:04 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung phConnector.exe, Version 0.0.0.0, Zeitstempel 0x51817110, fehlerhaftes Modul MSVCP100D.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e00, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f52f,
Prozess-ID 0x438, Anwendungsstartzeit phConnector.exe0.
Error: (12/27/2013 04:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung phConnector.exe, Version 0.0.0.0, Zeitstempel 0x51817110, fehlerhaftes Modul MSVCP100D.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e00, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f52f,
Prozess-ID 0x644, Anwendungsstartzeit phConnector.exe0.
Error: (12/27/2013 11:00:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2013 06:44:16 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 1325. "{DefaultProfilesFolder}" ist kein gültiger kurzer Dateiname.
Error: (12/26/2013 06:28:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2013 06:28:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2013 06:28:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (12/26/2013 06:28:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
System errors:
=============
Error: (12/28/2013 11:10:03 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402
Error: (12/27/2013 10:59:09 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402
Error: (12/26/2013 06:26:17 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402
Error: (12/26/2013 04:53:43 PM) (Source: DCOM) (User: )
Description: {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}
Error: (12/26/2013 04:42:05 PM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device%%1053
Error: (12/26/2013 04:42:05 PM) (Source: Service Control Manager) (User: )
Description: 30000Apple Mobile Device
Error: (12/26/2013 04:35:24 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "HILAL" auf Transport "NetBT_Tcpip_{ED0AD528-8918-45F6-A371-C5AAF664B1A4}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (12/26/2013 04:35:16 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "HILAL" auf Transport "NetBT_Tcpip_{ED0AD528-8918-45F6-A371-C5AAF664B1A4}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (12/26/2013 04:35:04 PM) (Source: Service Control Manager) (User: )
Description: Computer Backup (MyPC Backup)%%1053
Error: (12/26/2013 04:35:04 PM) (Source: Service Control Manager) (User: )
Description: 30000Computer Backup (MyPC Backup)
Microsoft Office Sessions:
=========================
Error: (12/28/2013 11:11:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 06:45:08 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 1325. "{DefaultProfilesFolder}" ist kein gültiger kurzer Dateiname.(NULL)(NULL)(NULL)(NULL)
Error: (12/27/2013 04:18:04 PM) (Source: Application Error)(User: )
Description: phConnector.exe0.0.0.051817110MSVCP100D.dll6.0.6002.1888151da3e00c00001350006f52f43801cf0316d53ef129
Error: (12/27/2013 04:18:00 PM) (Source: Application Error)(User: )
Description: phConnector.exe0.0.0.051817110MSVCP100D.dll6.0.6002.1888151da3e00c00001350006f52f64401cf0316d14d92b9
Error: (12/27/2013 11:00:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2013 06:44:16 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 1325. "{DefaultProfilesFolder}" ist kein gültiger kurzer Dateiname.(NULL)(NULL)(NULL)(NULL)
Error: (12/26/2013 06:28:31 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (12/26/2013 06:28:31 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (12/26/2013 06:28:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe
Error: (12/26/2013 06:28:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe
CodeIntegrity Errors:
===================================
Date: 2013-06-07 14:33:34.248
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HLYA~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-07 14:33:33.881
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HLYA~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-07 14:33:33.527
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-07 14:33:33.158
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-04 11:30:11.316
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HLYA~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-04 11:30:10.968
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HLYA~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-04 11:30:10.531
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-04 11:30:10.091
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-01-28 12:56:43.333
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Fraps\fraps64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-01-28 12:56:42.989
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Fraps\fraps64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 73%
Total physical RAM: 4094.32 MB
Available physical RAM: 1090.85 MB
Total Pagefile: 8407.93 MB
Available Pagefile: 5252.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:327.54 GB) (Free:108.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:561.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)
==================== End Of Log ============================