Okay, I hope I did this right.
Well then!
(Oh, and sorry it took so long, I had an appointment yesterday. Anyway, here I am now.)
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by Evelyn (administrator) on CYGNET-PC on 24-04-2014 08:33:23
Running from C:\Users\Evelyn\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_63b9aeb0b2db5e8b\STacSV.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
() C:\Windows\jwpen.exe
() C:\Windows\Jwpen.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Symantec Corporation) C:\Program Files\Norton Family\Engine\2.9.5.29\NF.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Data Perceptions / PowerProgrammer) C:\Windows\system32\WebUpdateSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Symantec Corporation) C:\Program Files\Norton Family\Engine\2.9.5.29\NF.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\ProgramData\Codec\Codec.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Google) C:\Program Files\Google\Google Talk\googletalk.exe
() C:\Windows\System32\HWKeyPlus.exe
() C:\Windows\System32\HWTabTray.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(汉王科技股份有限公司) C:\Program Files\Hanvon\HWSOFT\HWShell2U.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files\HTC\HTC Sync 3.0\adb.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495715 2009-11-27] (IDT, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HTC Sync Loader] => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [593920 2011-04-26] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [googletalk] => C:\Program Files\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
HKLM\...\Run: [HWTablet KeyPlus] => C:\Windows\system32\HWKeyPlus.exe [53248 2008-06-03] ()
HKLM\...\Run: [HWTablet Service] => C:\Windows\system32\HWTabTray.exe [184320 2009-03-05] ()
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [*TampMon] - C:\Program Files\Norton Family\Engine\2.9.5.29\tampmon.exe [61792 2014-02-10] (Symantec Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Evelyn\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3588952 2014-03-08] (Electronic Arts)
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [Google Update] => C:\Users\Evelyn\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-04] (Google Inc.)
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-11-16] (AMD)
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\MountPoints2: {69daf7a3-915a-11e3-bd4a-806e6f6e6963} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-698156655-3041474433-3874372325-1001\...\MountPoints2: {cc1fe0b6-72b3-11e3-b00a-485b39373aac} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hanvon Soft.lnk
ShortcutTarget: Hanvon Soft.lnk -> C:\Program Files\Hanvon\HWSOFT\HWShell2U.exe (汉王科技股份有限公司)
Startup: C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files\simplitec\simplicheck\simplicheck.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/moy00362/tb_v1?searchsource=10&cc=&mi=b4d5cb370000000000001c4bd68c86f9
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE986A1197733CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=5VItzzZNCqsKNj6K8Uyy1A&ind=2012101210&n=77ee3a5a&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.soft-quick.info/?l=1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {485F8EB4-05D9-478B-A02D-1BBD7A0620D3} URL = hxxp://search.softonic.com/MOY00362/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=b4d5cb370000000000001c4bd68c86f9&r=431
SearchScopes: HKCU - {485F8EB4-05D9-478B-A02D-1BBD7A0620D3} URL = hxxp://search.softonic.com/MOY00362/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=b4d5cb370000000000001c4bd68c86f9&r=431
SearchScopes: HKCU - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=5VItzzZNCqsKNj6K8Uyy1A&ind=2012012209&n=77ecdeb1&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=18
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.soft-quick.info/?l=1&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Norton Family BHO - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Family\Engine\2.9.5.29\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.223.1 192.168.239.1
FireFox:
========
FF ProfilePath: C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default
FF user.js: detected! => C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\user.js
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files\Roblox\Versions\version-77cb13cdf4414374\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Evelyn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Evelyn\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Evelyn\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Evelyn\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Evelyn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Evelyn\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Evelyn\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\searchplugins\WebSearch.xml
FF Extension: Codecv - C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\Extensions\501cf8456ffa3@501cf8456ffdd.info [2012-09-29]
FF Extension: continuetosave - C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\Extensions\50fc4b96aa0e9@50fc4b96aa122.com [2013-06-23]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\c0m5y4it.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-05-12]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.5.14\coFFFw\
FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.5.14\coFFFw\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-10-31]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-15]
CHR Extension: (Google Drive) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-15]
CHR Extension: (YouTube) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-15]
CHR Extension: (Adblock Plus) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-15]
CHR Extension: (Google-Suche) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-15]
CHR Extension: (AdBlock Premium) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-01-02]
CHR Extension: (AdBlock) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-15]
CHR Extension: (Norton Identity Protection) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-09-19]
CHR Extension: (Norton™ Family) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2013-09-19]
CHR Extension: (Google Wallet) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
CHR Extension: (Google Mail) - C:\Users\Evelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26]
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files\Norton Family\Engine\2.9.5.29\Extensions\Chrome.crx [2014-02-12]
CHR HKLM\...\Chrome\Extension: [oclcjojjnkeionnajdimfdldkbbjifmf] - C:\ProgramData\Codecv\oclcjojjnkeionnajdimfdldkbbjifmf.crx [2012-08-04]
CHR StartMenuInternet: Google Chrome - C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-11-09] (ASUS)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [18432 2011-05-05] ()
R2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-28] ()
S2 gupdate1cb055562ebb685; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2010-06-06] (Google Inc.)
R2 HWSuperPowerTablet; C:\Windows\jwpen.exe [66560 2008-06-03] ()
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 NSM; C:\Program Files\Norton Family\Engine\2.9.5.29\NF.exe [570944 2014-02-10] (Symantec Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_63b9aeb0b2db5e8b\STacSV.exe [229465 2009-11-27] (IDT, Inc.)
R2 WebUpdate; C:\Windows\system32\WebUpdateSvc.exe [266240 2005-08-03] (Data Perceptions / PowerProgrammer)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
R2 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2012-01-20] (Protect Software GmbH)
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2011-03-26] (Protect Software GmbH)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2009-08-21] (Alcor Micro, Corp.)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-01-16] ()
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx86.sys [1098968 2014-03-19] (Symantec Corporation)
S3 CamDrL; C:\Windows\System32\DRIVERS\Camdrl.sys [1075360 2007-02-03] (Logitech Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1502000.026\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 ccSet_NSM; C:\Windows\system32\drivers\NSM\0209050.01D\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-21] (Symantec Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57800 2009-10-22] (FTDI Ltd.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140422.001\IDSvix86.sys [395992 2014-03-26] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41504 2007-02-03] (Logitech Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [32000 2012-01-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22400 2012-02-22] (ManyCam LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140423.003\NAVENG.SYS [93272 2013-10-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140423.003\NAVEX15.SYS [1612376 2013-10-31] (Symantec Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2011-01-04] (CACE Technologies)
S3 QCPro; C:\Windows\System32\DRIVERS\p35u.sys [116480 2002-12-10] (Logitech Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759872 2009-08-12] ()
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1502000.026\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1502000.026\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1502000.026\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1502000.026\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-10-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1502000.026\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1502000.026\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation)
S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSM\0209050.01D\SymRdrS.SYS [203992 2013-12-18] (Symantec Corporation)
R3 VHWDrawing; C:\Windows\System32\DRIVERS\HWDrawing.sys [6400 2007-03-26] (Windows (R) Codename Longhorn DDK provider)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S2 HYRDBios; system32\DRIVERS\HYRDBios.sys [X]
U2 V2iMount;
S3 XDva387; \??\C:\Windows\system32\XDva387.sys [X]
S3 XDva392; \??\C:\Windows\system32\XDva392.sys [X]
S3 XDva396; \??\C:\Windows\system32\XDva396.sys [X]
S3 XDva400; \??\C:\Windows\system32\XDva400.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
==================== NetSvcs (Whitelisted) ===================
NETSVC: ezGOSvc -> C:\Windows\system32\ezGOSvc.dll ()
==================== One Month Created Files and Folders ========
2014-04-24 08:33 - 2014-04-24 08:34 - 00027585 _____ () C:\Users\Evelyn\Desktop\FRST.txt
2014-04-24 08:33 - 2014-04-24 08:33 - 00000000 ____D () C:\FRST
2014-04-24 08:32 - 2014-04-24 08:32 - 01048576 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST.exe
2014-04-23 16:18 - 2014-04-23 16:18 - 03081712 ____N (Symantec Corporation) C:\Users\Evelyn\Desktop\NPE.exe
2014-04-23 12:46 - 2014-04-23 12:46 - 00003664 ____N () C:\bootsqm.dat
2014-04-23 07:24 - 2014-04-23 07:24 - 00001285 _____ () C:\Users\Evelyn\Desktop\ROBLOX Player.lnk
2014-04-23 07:23 - 2014-04-23 07:24 - 00001104 _____ () C:\Users\Evelyn\Desktop\ROBLOX Studio 2013.lnk
2014-04-22 21:41 - 2014-04-22 21:41 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 21:09 - 2014-04-22 21:09 - 00253952 _____ () C:\Users\Evelyn\Desktop\New Canvas.sai
2014-04-13 16:27 - 2013-03-25 20:27 - 00000042 _____ () C:\Users\Evelyn\Documents\aionmemo_8f d76 7.bak
2014-04-09 12:47 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 12:47 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 12:47 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 12:47 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 12:47 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 12:47 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 12:47 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 12:47 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-05 09:41 - 2014-04-05 10:13 - 00002692 _____ () C:\shared.log
2014-03-30 14:35 - 2014-03-30 14:35 - 00000000 ____D () C:\Users\Evelyn\Documents\The Movies
==================== One Month Modified Files and Folders =======
2014-04-24 08:34 - 2014-04-24 08:33 - 00027585 _____ () C:\Users\Evelyn\Desktop\FRST.txt
2014-04-24 08:33 - 2014-04-24 08:33 - 00000000 ____D () C:\FRST
2014-04-24 08:32 - 2014-04-24 08:32 - 01048576 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST.exe
2014-04-24 08:32 - 2010-05-14 14:01 - 01343568 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 08:28 - 2010-06-06 10:51 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\Skype
2014-04-24 08:27 - 2010-10-18 20:32 - 00000000 ____D () C:\ProgramData\Origin
2014-04-24 08:26 - 2011-07-27 07:15 - 00000000 ____D () C:\Users\Evelyn\AppData\Local\Htc
2014-04-24 08:26 - 2010-06-06 16:45 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-24 08:25 - 2012-08-04 12:25 - 00000334 ____H () C:\Windows\Tasks\CodecUpdaterTask{021B7108-D364-46A2-8F39-6B2ED6A0EBE3}.job
2014-04-24 08:25 - 2011-06-04 16:37 - 00000000 ____D () C:\Program Files\Origin
2014-04-24 08:25 - 2010-06-06 16:45 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 08:24 - 2013-11-03 21:35 - 00003116 _____ () C:\Windows\HWTablet.bin
2014-04-24 08:24 - 2012-06-23 20:23 - 00024169 _____ () C:\Windows\setupact.log
2014-04-24 08:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 23:37 - 2011-06-14 20:26 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001UA.job
2014-04-23 22:11 - 2011-02-13 21:07 - 00000000 ____D () C:\Users\Evelyn\AppData\Local\CrashDumps
2014-04-23 21:24 - 2009-07-14 04:04 - 00000430 _____ () C:\Windows\win.ini
2014-04-23 20:53 - 2011-02-12 17:46 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\.minecraft
2014-04-23 20:44 - 2011-05-01 20:00 - 00000000 ____D () C:\Users\Evelyn\AppData\Local\NPE
2014-04-23 20:39 - 2009-07-14 06:34 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 20:39 - 2009-07-14 06:34 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 16:18 - 2014-04-23 16:18 - 03081712 ____N (Symantec Corporation) C:\Users\Evelyn\Desktop\NPE.exe
2014-04-23 13:40 - 2010-06-05 07:59 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\Mozilla
2014-04-23 12:46 - 2014-04-23 12:46 - 00003664 ____N () C:\bootsqm.dat
2014-04-23 08:42 - 2010-07-14 16:04 - 01740460 _____ () C:\Windows\PFRO.log
2014-04-23 08:07 - 2010-06-05 07:48 - 00000000 ____D () C:\Users\Evelyn
2014-04-23 08:05 - 2011-02-09 17:33 - 00000000 ____D () C:\ProgramData\Sony
2014-04-23 07:58 - 2010-05-14 14:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-23 07:50 - 2012-01-20 21:24 - 00035328 ___SH () C:\Users\Evelyn\Thumbs.db
2014-04-23 07:24 - 2014-04-23 07:24 - 00001285 _____ () C:\Users\Evelyn\Desktop\ROBLOX Player.lnk
2014-04-23 07:24 - 2014-04-23 07:23 - 00001104 _____ () C:\Users\Evelyn\Desktop\ROBLOX Studio 2013.lnk
2014-04-23 07:24 - 2011-11-21 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2014-04-22 21:41 - 2014-04-22 21:41 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 21:09 - 2014-04-22 21:09 - 00253952 _____ () C:\Users\Evelyn\Desktop\New Canvas.sai
2014-04-22 17:48 - 2010-10-11 19:07 - 00000476 ____H () C:\Windows\Tasks\Norton Security Scan for Evelyn.job
2014-04-22 16:42 - 2010-06-06 10:49 - 00000000 ___RD () C:\Program Files\Skype
2014-04-22 12:54 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-22 10:35 - 2010-07-25 11:27 - 00000000 ____D () C:\Users\Evelyn\AppData\Local\Adobe
2014-04-20 17:37 - 2011-06-14 20:26 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001Core.job
2014-04-18 23:36 - 2010-06-19 13:25 - 00000000 ____D () C:\Program Files\Steam
2014-04-18 07:41 - 2011-06-14 20:26 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-18 07:30 - 2014-02-11 00:23 - 00000000 ____D () C:\Users\Evelyn\Desktop\To be Sorted
2014-04-17 11:29 - 2010-07-05 13:50 - 00000000 ____D () C:\Users\Evelyn\.gimp-2.6
2014-04-17 09:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-17 08:44 - 2010-11-28 15:46 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\gtk-2.0
2014-04-12 15:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-10 16:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-09 21:26 - 2013-08-09 23:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 21:22 - 2010-06-05 07:40 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-05 10:13 - 2014-04-05 09:41 - 00002692 _____ () C:\shared.log
2014-04-02 17:10 - 2010-05-14 14:09 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-02 17:04 - 2013-10-31 15:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-04-02 17:04 - 2011-02-12 14:54 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-03-31 02:13 - 2014-04-09 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 12:47 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-30 14:35 - 2014-03-30 14:35 - 00000000 ____D () C:\Users\Evelyn\Documents\The Movies
2014-03-30 14:35 - 2012-01-14 13:28 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\Lionhead Studios
2014-03-29 20:24 - 2011-03-06 10:48 - 00000000 ____D () C:\Users\Evelyn\AppData\Roaming\Audacity
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\ProgramData\sysqcl1129139270.dat
Some content of TEMP:
====================
C:\Users\Cygnet\AppData\Local\Temp\_is513B.exe
C:\Users\Evelyn\AppData\Local\Temp\AutoRun.exe
C:\Users\Evelyn\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Evelyn\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Evelyn\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Evelyn\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Evelyn\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Evelyn\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Evelyn\AppData\Local\Temp\drm_dyndata_7380011.dll
C:\Users\Evelyn\AppData\Local\Temp\First15.exe
C:\Users\Evelyn\AppData\Local\Temp\rootsupd.exe
C:\Users\Evelyn\AppData\Local\Temp\ubi6A29.tmp.exe
C:\Users\Evelyn\AppData\Local\Temp\ubi9DA7.tmp.exe
C:\Users\Evelyn\AppData\Local\Temp\ubiA1FD.tmp.exe
C:\Users\Evelyn\AppData\Local\Temp\VP6Install.exe
C:\Users\Evelyn\AppData\Local\Temp\VP6VFW.dll
C:\Users\Evelyn\AppData\Local\Temp\_is7213.exe
C:\Users\Evelyn\AppData\Local\Temp\_is9397.exe
C:\Users\Evelyn\AppData\Local\Temp\_isA58E.exe
C:\Users\Evelyn\AppData\Local\Temp\_isDA48.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-20 19:58
==================== End Of Log ============================
Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by Evelyn at 2014-04-24 08:35:17
Running from C:\Users\Evelyn\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
2weistein-Training (HKLM\...\{0AA0EF07-5F55-47CA-B790-8AFB7BFEE159}_is1) (Version: - Brainmonster Studios)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
AION Free-To-Play (HKLM\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (Version: 2.70.0000 - Gameforge) Hidden
Alice Madness Returns (HKLM\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Alter Ego DE (HKLM\...\Alter Ego DE_is1) (Version: - Future Games)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Liberation HD (HKLM\...\Uplay Install 625) (Version: - Ubisoft)
Assassin's Creed Revelations 1.02 (HKLM\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.02 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ASUS USB2.0 UVC VGA WebCam (HKLM\...\ASUS USB2.0 UVC VGA WebCam) (Version: 5.8.53120.202 - Sonix)
ATI AVIVO Codecs (Version: 10.12.0.00122 - ATI Technologies Inc.) Hidden
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
Audacity 1.3.12 (HKLM\...\Audacity 1.3 Beta_is1) (Version: - Audacity Team)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
CamStudio (HKLM\...\CamStudio) (Version: - )
CamStudio OSS Desktop Recorder (HKLM\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Codec Updater (HKLM\...\Codec) (Version: - )
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2504 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.2504 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAZ Content Management Service (HKLM\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM\...\DAZ Install Manager 1.0.1.108) (Version: 1.0.1.108 - DAZ 3D)
Die Sims 2 (HKLM\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims 2: Family Fun - Accessoires (HKLM\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - )
Die Sims 2: Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
Die Sims 2: Open For Business (HKLM\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
Die Sims 2: Wilde Campus-Jahre (HKLM\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 Apartment-Leben (HKLM\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
Die Sims™ 2 Freizeit-Spaß (HKLM\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
Die Sims™ 2 Gute Reise (HKLM\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 Haustiere (HKLM\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
Die Sims™ 2 IKEA® Home-Accessoires (HKLM\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires (HKLM\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
Die Sims™ 2 Party-Accessoires (HKLM\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
Die Sims™ 2 Teen Style-Accessoires (HKLM\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Die Sims™ 2 Villen- und Garten-Accessoires (HKLM\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version: - Electronic Arts)
Die Sims™ 2: Glamour-Accessoires (HKLM\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
ffdshow [rev 3055] [2009-08-16] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Forte 3 - Free Edition (HKLM\...\Forte 3 Free) (Version: 3 - Lugert Verlag)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.6.9 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.9 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM\...\{6080787C-8D8A-3334-B79E-FFDC020FA0A1}) (Version: 5.3.0.18358 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Hanvon Soft 3.0 (HKLM\...\{73BD1CE5-F278-4540-B667-7F7D86488236}) (Version: 3.00.2100 - Hanwang Technology Co.,Ltd )
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM\...\{DD8D87E5-C372-462F-B168-94612B1D9451}) (Version: 3.0.5551 - HTC Corporation)
HydraVision (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
ISScript (Version: 3.00.185 - InstallShield Software Corp.) Hidden
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Kingdoms of Amalur: Reckoning (HKLM\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
LEGO MARVEL Super Heroes (HKLM\...\Steam App 249130) (Version: - Traveller's Tales)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MySims™ (HKLM\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft)
Norton Family (HKLM\...\NSM) (Version: 2.9.5.29 - Symantec Corporation)
Norton Internet Security (HKLM\...\NIS) (Version: 21.2.0.38 - Symantec Corporation)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
NVIDIA GAME System Software 2.8.1 (HKLM\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
openCanvas 5.1.04 (HKLM\...\{E00F999C-80D1-460F-BCE1-CD0140215CBC}}_is1) (Version: 5.1.04 - portalgraphics.net)
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies (HKLM\...\Pflanzen gegen Zombies) (Version: - PopCap Games)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Poser 10 (HKLM\...\Poser 10 English_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
PoserContent2014 (HKLM\...\Poser Pro 2014_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
PrimoPDF (HKLM\...\PrimoPDF4.0.2.5) (Version: 4.0.2.5 - activePDF)
ProtectDisc Helper Driver 10 (HKLM\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - )
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
QuickTime (HKLM\...\QuickTime) (Version: - )
ROBLOX Player (HKLM\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio 2013 (HKLM\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
RollerCoaster Tycoon 3 (HKLM\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
simplitec simplicheck (HKLM\...\{F04F6CE6-ABEC-4B12-81CA-87EB238E0C6D}) (Version: 1.2.2.0 - simplitec GmbH)
Sims 3 UIC (HKLM\...\{5726F077-5643-4B62-8E50-C40BC97275F1}) (Version: 2.0 - Zindas Golden Sims)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smith Micro Download Manager version 1.0 (HKLM\...\{89816111-4490-46FB-B141-63EA77077A94}_is1) (Version: 1.0 - Smith Micro Software, Inc.)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.02.0000 - Electronic Arts)
SPORE™ Süß & Schrecklich Ergänzungs-Pack (HKLM\...\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tablet Driver (HKLM\...\{ACD21A44-4EF9-4461-B1F3-45786E395032}) (Version: 2.05.0000 - Hanwang technolgy)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TI Connect 1.6 (HKLM\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Web Update Wizard Version 3.00 (HKLM\...\Web Update Wizard_is1) (Version: - Power Programmer / Data Perceptions)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4038.0 - Microsoft Corporation)
Zipeg (HKCU\...\Zipeg) (Version: 2.9.3.1253 - hxxp://zipeg.com)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:04 - 2013-08-10 09:13 - 00000950 ____N C:\Windows\system32\Drivers\etc\hosts
216.98.48.18 127.0.0.1
216.98.48.53 127.0.0.1
216.98.48.57 127.0.0.1
216.98.48.133 127.0.0.1
216.98.48.134 127.0.0.1
==================== Scheduled Tasks (whitelisted) =============
Task: {003ED7F7-B4FA-4AE2-BC5C-F81E8AE1BA74} - System32\Tasks\{553A252D-CB84-4865-8256-9F7740C9141B} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {0A8789F7-FFDB-4AF3-A10F-D4E4331BDFF9} - System32\Tasks\229B350D-034F-4c01-BAF2-3EA03DCAE0B9
Task: {114DF27B-E83E-449D-8532-CB20722586B0} - System32\Tasks\AdobeAAMUpdater-1.0-Cygnet-PC-Cygnet => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {22FAA7E3-4E88-4903-9030-EFC34DBE4493} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06] (Google Inc.)
Task: {2A2D6C00-7D5E-4FEA-9861-AB5E4331D41C} - System32\Tasks\Norton Family\Norton Error Analyzer => C:\Program Files\Norton Family\Engine\2.9.5.29\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {32436105-DC56-47B4-8EFF-A1CDDC150136} - System32\Tasks\{69022D20-9A44-4FEB-A412-E4CDA802E7D0} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {38E2738E-8A2C-4189-BDE2-17FDB4295864} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3F1D3A8D-455F-45C8-9359-C7AB34502B22} - System32\Tasks\Norton Family\Norton Error Processor => C:\Program Files\Norton Family\Engine\2.9.5.29\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {4804EB47-21B9-4FCB-BF8C-8CD1240DDDBC} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5083188F-0A25-477D-BE6F-0E5CA3630617} - System32\Tasks\{105502DC-2BE3-47AF-AF9A-B8526AC5E5B7} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {5573935E-5C5A-4212-A1D3-09FD87A4E482} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {5C0AD8A4-8C6C-486B-BB3E-A1D56DC2B386} - System32\Tasks\AdobeAAMUpdater-1.0-Cygnet-PC-Evelyn => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {626E0A79-E1C9-4D6B-B05F-2A48BE69848D} - System32\Tasks\{0ECC387D-0889-405C-9FA8-8B40A7B4184C} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {6BCB1F78-94C1-45C4-8AA3-11F5F17300EB} - System32\Tasks\Norton Security Scan for Evelyn => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-06-28] (Symantec Corporation)
Task: {8A210395-C8A5-42EA-8061-58893FCF2436} - System32\Tasks\{5F0CB38C-E975-42EE-B3B3-BA641946C72F} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {9D12A1D1-391D-4319-8D24-0EE459A24FD8} - System32\Tasks\wp_update => C:\Users\Evelyn\AppData\Roaming\~yvlbqot.exe <==== ATTENTION
Task: {AA54ECF9-44B1-4B25-BF31-FE5048846BE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06] (Google Inc.)
Task: {AB24BAB5-2974-4C8B-BA99-D258900AD9FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001UA => C:\Users\Evelyn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04] (Google Inc.)
Task: {ACE94F79-EF00-4F7A-B283-5FA7EAC03F9B} - System32\Tasks\{E601A75A-C41E-45B2-8350-D96D40CC5D2A} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {B929F191-4B68-4AB6-8A40-94940809039E} - System32\Tasks\{1173B09B-A561-408D-B1F9-0D7341C35FF9} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.old..exe
Task: {BAE8AC42-5369-43CF-BC44-FDC2FEAEB67E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-04-26] ()
Task: {CAF27052-BC28-4D6D-88BF-2035A0E0EA91} - System32\Tasks\CodecUpdaterTask{021B7108-D364-46A2-8F39-6B2ED6A0EBE3} => C:\ProgramData\Codec\Codec.exe [2012-08-04] ()
Task: {CF55CD86-4170-46AA-9562-17B7F8D1329C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001Core => C:\Users\Evelyn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04] (Google Inc.)
Task: {D4161478-3966-4374-B4EE-8FC9BEF644F0} - System32\Tasks\{9FB0FA46-AAE8-4EB3-9A55-99479BCEF7A3} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {D9E41400-5BC6-4149-BDE7-A3B640C78FD5} - System32\Tasks\{A0DCB95C-34C8-4C95-B339-E905A16DCDA0} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {DD54B0C3-E9B4-415E-BD3F-4ACE2A0AC285} - System32\Tasks\{9C13D0E7-CAF7-4C47-95BD-477A51E6398F} => C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3.exe
Task: {DDC9A13A-F0B2-4621-A8A5-E13203D3806B} - System32\Tasks\{1212E8A9-F391-45DA-8BB8-A23EB3EDA20B} => D:\Autorun.exe
Task: {F0C3D0E5-B2A3-40B6-BE79-CC861D52674A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\CodecUpdaterTask{021B7108-D364-46A2-8F39-6B2ED6A0EBE3}.job => C:\ProgramData\Codec\Codec.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001Core.job => C:\Users\Evelyn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-698156655-3041474433-3874372325-1001UA.job => C:\Users\Evelyn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Evelyn.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
==================== Loaded Modules (whitelisted) =============
2013-12-17 17:42 - 2006-12-11 23:12 - 00176235 _____ () C:\Windows\System32\Primomonnt.dll
2013-12-06 21:14 - 2011-05-05 22:36 - 00018432 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
2013-12-06 21:14 - 2011-05-05 22:36 - 01221120 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace.dll
2013-12-06 21:14 - 2011-05-05 22:36 - 00791040 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x86.dll
2013-12-06 21:14 - 2011-05-05 22:36 - 00838656 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl.dll
2013-12-06 21:14 - 2011-05-05 22:36 - 00129536 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp.dll
2011-05-29 12:22 - 2011-05-28 06:34 - 00073600 _____ () c:\windows\system32\ezgosvc.dll
2013-11-03 21:35 - 2008-06-03 17:18 - 00066560 _____ () C:\Windows\jwpen.exe
2013-11-03 21:35 - 2008-06-03 17:18 - 00066560 _____ () C:\Windows\Jwpen.exe
2013-11-03 21:35 - 2010-04-07 16:43 - 00029184 _____ () C:\Windows\system32\JWPEN.dll
2014-02-12 10:57 - 2012-05-29 21:21 - 00699280 ____R () C:\Program Files\Norton Family\Engine\2.9.5.29\wincfi39.dll
2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2014-02-11 04:20 - 2014-02-11 04:20 - 00597360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2011-03-06 14:28 - 2010-08-19 18:43 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2012-08-04 12:25 - 2012-08-04 12:25 - 00210944 _____ () C:\ProgramData\Codec\Codec.exe
2011-04-26 17:22 - 2011-04-26 17:22 - 00593920 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
2011-04-26 17:22 - 2011-04-26 17:22 - 00516599 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 00094208 _____ () C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 00385024 _____ () C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 00139264 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 00139264 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 00559244 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 01515520 _____ () C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
2013-11-03 21:35 - 2008-06-03 17:16 - 00053248 _____ () C:\Windows\System32\HWKeyPlus.exe
2013-11-03 21:35 - 2009-02-26 16:22 - 00073728 _____ () C:\Windows\System32\JWkey.dll
2013-11-03 21:35 - 2009-03-05 15:54 - 00184320 _____ () C:\Windows\System32\HWTabTray.exe
2014-02-11 16:09 - 2014-02-11 16:09 - 32733080 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00962560 _____ () C:\Program Files\Origin\platforms\qwindows.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00024064 _____ () C:\Program Files\Origin\imageformats\qgif.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00025088 _____ () C:\Program Files\Origin\imageformats\qico.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00217088 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00261632 _____ () C:\Program Files\Origin\imageformats\qmng.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00019968 _____ () C:\Program Files\Origin\imageformats\qtga.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00302592 _____ () C:\Program Files\Origin\imageformats\qtiff.dll
2014-01-29 17:34 - 2014-03-08 11:35 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2011-04-26 17:22 - 2011-04-26 17:22 - 02530671 _____ () C:\Program Files\HTC\HTC Sync 3.0\adb.exe
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-11 17:41 - 2014-04-02 03:57 - 00065352 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-11 17:41 - 2014-04-02 03:57 - 00674632 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-11 17:41 - 2014-04-02 03:57 - 00093000 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-11 17:41 - 2014-04-02 03:57 - 04081480 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-11 17:41 - 2014-04-02 03:58 - 00390472 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-11 17:41 - 2014-04-02 03:57 - 01647432 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-11 17:41 - 2014-04-02 03:58 - 13691720 _____ () C:\Users\Evelyn\AppData\Local\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows\system32\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\system32\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\system32\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Generic Mount Control Device
Description: Generic Mount Control Device
Class Guid: {d27c1f2e-cf2d-4fdc-ad2a-0dddbeab92f0}
Manufacturer: Symantec Corporation
Service: GenericMount
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/23/2014 10:11:50 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Sims2Launcher.exe, Version: 1.0.0.1, Zeitstempel: 0x48f12e72
Name des fehlerhaften Moduls: Sims2Launcher.exe, Version: 1.0.0.1, Zeitstempel: 0x48f12e72
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002167
ID des fehlerhaften Prozesses: 0x19dc
Startzeit der fehlerhaften Anwendung: 0xSims2Launcher.exe0
Pfad der fehlerhaften Anwendung: Sims2Launcher.exe1
Pfad des fehlerhaften Moduls: Sims2Launcher.exe2
Berichtskennung: Sims2Launcher.exe3
Error: (04/23/2014 01:45:16 PM) (Source: Application Hang) (User: )
Description: Programm RobloxPlayerBeta.exe, Version 0.146.0.45615 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1890
Startzeit: 01cf5ee4b91b99fb
Endzeit: 143
Anwendungspfad: C:\Program Files\Roblox\Versions\version-77cb13cdf4414374\RobloxPlayerBeta.exe
Berichts-ID: a3b1f155-cadc-11e3-ba14-485b39373aac
Error: (04/23/2014 07:21:45 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {3e061357-3148-4373-870d-b2e147ad5a02}
Error: (04/21/2014 01:56:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/21/2014 01:55:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/20/2014 08:00:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/20/2014 07:59:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/18/2014 09:31:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/18/2014 09:30:03 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/17/2014 01:54:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (04/24/2014 08:29:43 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (04/24/2014 08:27:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (04/24/2014 08:27:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (04/24/2014 08:27:29 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
Error: (04/24/2014 08:27:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (04/24/2014 08:27:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (04/24/2014 08:27:27 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
Error: (04/24/2014 08:27:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (04/24/2014 08:27:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (04/24/2014 08:27:18 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
Microsoft Office Sessions:
=========================
Error: (04/23/2014 10:11:50 PM) (Source: Application Error)(User: )
Description: Sims2Launcher.exe1.0.0.148f12e72Sims2Launcher.exe1.0.0.148f12e72c00000050000216719dc01cf5f302aeaf201C:\Program Files\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2Launcher.exeC:\Program Files\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2Launcher.exe809d3155-cb23-11e3-99a6-485b39373aac
Error: (04/23/2014 01:45:16 PM) (Source: Application Hang)(User: )
Description: RobloxPlayerBeta.exe0.146.0.45615189001cf5ee4b91b99fb143C:\Program Files\Roblox\Versions\version-77cb13cdf4414374\RobloxPlayerBeta.exea3b1f155-cadc-11e3-ba14-485b39373aac
Error: (04/23/2014 07:21:45 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {3e061357-3148-4373-870d-b2e147ad5a02}
Error: (04/21/2014 01:56:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
Error: (04/21/2014 01:55:58 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\HTC\HTC Sync 3.0\FDAgentForOutlook64.exe
Error: (04/20/2014 08:00:41 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
Error: (04/20/2014 07:59:44 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\HTC\HTC Sync 3.0\FDAgentForOutlook64.exe
Error: (04/18/2014 09:31:02 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
Error: (04/18/2014 09:30:03 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\HTC\HTC Sync 3.0\FDAgentForOutlook64.exe
Error: (04/17/2014 01:54:43 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
==================== Memory info ===========================
Percentage of memory in use: 77%
Total physical RAM: 3052.54 MB
Available physical RAM: 689.76 MB
Total Pagefile: 6103.38 MB
Available Pagefile: 2982.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:138.5 GB) NTFS
Drive e: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 76692CA8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Okay :P
Here.
I think that was right :P