Okay, hier die Logs - ich hoffe, es ist alles dabei... Code:
# AdwCleaner v3.207 - Bericht erstellt am 07/05/2014 um 14:56:49
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Anja - ANJA-HP
# Gestartet von : C:\Users\Anja\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Users\Anja\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Anja\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\invalidprefs.js
Datei Gelöscht : C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\a6dfdcbc38be40
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v29.0 (de)
[ Datei : C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "a01584b1000000000000c01885387ef6");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15862");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.510:16:14");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121562");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
-\\ Google Chrome v34.0.1847.131
[ Datei : C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtAzzyB0E0FyCzzyE0BtCtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyD0FyDtC0CtDtG0B0EtCyBtGyDzzyB0CtGtAtCtA0AtGyByD0DtBzyyEyB0E0F0ByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EtAzy0AyCzytG0DtB0CtDtG0BzzyCtCtGtA0DyEzztGtD0FyB0AyEzytCyB0CyB0AyC2Q&cr=2143095&ir=
Gelöscht [Search Provider] : hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_2&idate=2014-05-06&ent=ch_656&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-05-06&ent=hp_656&u=5733103BF68CD1A170DA43536934AB3E
Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dvd_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtAzzyB0E0FyCzzyE0BtCtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyD0FyDtC0CtDtG0B0EtCyBtGyDzzyB0CtGtAtCtA0AtGyByD0DtBzyyEyB0E0F0ByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EtAzy0AyCzytG0DtB0CtDtG0BzzyCtCtGtA0DyEzztGtD0FyB0AyEzytCyB0CyB0AyC2Q&cr=2143095&ir=
Gelöscht [Homepage] : hxxp://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-05-06&ent=hp_656&u=5733103BF68CD1A170DA43536934AB3E
Gelöscht [Extension] : pflphaooapbgpeakohlggbpidpppgdff
*************************
AdwCleaner[R0].txt - [9454 octets] - [07/05/2014 14:55:05]
AdwCleaner[S0].txt - [8372 octets] - [07/05/2014 14:56:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8432 octets] ########## Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 07.05.2014
Suchlauf-Zeit: 15:39:05
Logdatei:
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.05.07.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Anja
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 288950
Verstrichene Zeit: 33 Min, 5 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end) Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3efcde162c72b243b56eceb1170ee145
# engine=18168
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-07 04:59:22
# local_time=2014-05-07 06:59:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1791 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 85125 151111812 0 0
# scanned=226995
# found=0
# cleaned=0
# scan_time=10533
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Anja (administrator) on ANJA-HP on 07-05-2014 19:31:51
Running from C:\Users\Anja\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(GARMIN Corp.) C:\Garmin\gStart.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Panda Security URL Filtering] => C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [235072 2013-04-11] (Visicom Media Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-10-19] (Panda Security, S.L.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\RunOnce: [panda4_0dn] - reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f
HKU\.DEFAULT\...\RunOnce: [panda4_0dn_XP] - reg.exe delete "HKCU\Software\panda4_0dn" /f
HKU\S-1-5-21-3998944448-901136628-637262599-1000\...\Run: [gStart] => C:\Garmin\gStart.exe [1891416 2008-08-13] (GARMIN Corp.)
HKU\S-1-5-21-3998944448-901136628-637262599-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3998944448-901136628-637262599-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtAzzyB0E0FyCzzyE0BtCtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyD0FyDtC0CtDtG0B0EtCyBtGyDzzyB0CtGtAtCtA0AtGyByD0DtBzyyEyB0E0F0ByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EtAzy0AyCzytG0DtB0CtDtG0BzzyCtCtGtA0DyEzztGtD0FyB0AyEzytCyB0CyB0AyC2Q&cr=2143095&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtAzzyB0E0FyCzzyE0BtCtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyD0FyDtC0CtDtG0B0EtCyBtGyDzzyB0CtGtAtCtA0AtGyByD0DtBzyyEyB0E0F0ByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EtAzy0AyCzytG0DtB0CtDtG0BzzyCtCtGtA0DyEzztGtD0FyB0AyEzytCyB0CyB0AyC2Q&cr=2143095&ir=
SearchScopes: HKLM - {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtAzzyB0E0FyCzzyE0BtCtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyD0FyDtC0CtDtG0B0EtCyBtGyDzzyB0CtGtAtCtA0AtGyByD0DtBzyyEyB0E0F0ByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0E0EtAzy0AyCzytG0DtB0CtDtG0BzzyCtCtGtA0DyEzztGtD0FyB0AyEzytCyB0CyB0AyC2Q&cr=2143095&ir=
SearchScopes: HKCU - {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll ()
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-11-04] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pandasecuritytb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Panda Security Toolbar - C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2014-05-06]
FF Extension: WEB.DE MailCheck - C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs972ayi.default\Extensions\toolbar@web.de.xpi [2013-03-09]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-04-29]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-03-20]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Google Drive) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14]
CHR Extension: (Website Logon) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc [2014-04-14]
CHR Extension: (YouTube) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14]
CHR Extension: (Google-Suche) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14]
CHR Extension: (Panda Security New Tab) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknfdieimobmimhdkfkheeejenmdjhoe [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]
CHR Extension: (Google Mail) - C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-06]
CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-18]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx [2014-02-21]
==================== Services (Whitelisted) =================
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-10-03] (Panda Security, S.L.)
R2 panda_url_filteringService; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [237632 2014-02-18] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-10-19] (Panda Security, S.L.)
==================== Drivers (Whitelisted) ====================
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-07] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [47704 2013-11-21] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [169192 2013-10-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122600 2013-10-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206056 2013-10-11] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-10-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137960 2013-10-11] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-10-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-07 15:52 - 2014-05-07 15:52 - 02347384 _____ (ESET) C:\Users\Anja\Desktop\esetsmartinstaller_deu.exe
2014-05-07 15:04 - 2014-05-07 15:04 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-07 15:04 - 2014-05-07 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-07 15:04 - 2014-05-07 15:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-07 15:04 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-07 15:04 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-07 15:04 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-07 14:58 - 2013-04-29 09:17 - 00058808 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-05-07 14:55 - 2014-05-07 14:56 - 00000000 ____D () C:\AdwCleaner
2014-05-07 14:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-07 14:54 - 2014-05-07 14:54 - 01316991 _____ () C:\Users\Anja\Desktop\adwcleaner.exe
2014-05-07 12:02 - 2014-05-07 12:03 - 00040498 _____ () C:\Users\Anja\Desktop\Addition.txt
2014-05-07 12:01 - 2014-05-07 19:32 - 00022022 _____ () C:\Users\Anja\Desktop\FRST.txt
2014-05-07 11:59 - 2014-05-07 19:31 - 00000000 ____D () C:\FRST
2014-05-07 11:58 - 2014-05-07 11:58 - 02063872 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2014-05-07 00:10 - 2014-05-07 00:10 - 00000000 _____ () C:\Windows\SysWOW64\shoE499.tmp
2014-05-06 23:46 - 2014-05-07 17:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-06 23:46 - 2014-05-06 23:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-06 23:41 - 2014-05-06 23:42 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-06 21:15 - 2014-05-06 21:15 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Search The Web
2014-05-06 21:15 - 2014-05-06 21:15 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-05-06 21:14 - 2014-05-06 21:15 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-05-06 21:14 - 2014-05-06 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2014-05-06 19:12 - 2014-05-07 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-06 19:12 - 2014-05-06 19:12 - 00000000 _____ () C:\autoexec.bat
2014-05-06 19:11 - 2014-05-07 11:22 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-05 17:45 - 2014-05-02 17:32 - 01255598 ____R () C:\Users\Anja\Desktop\Roth-Vorbereitung~backup-140505.logbook
2014-05-02 23:09 - 2014-05-02 23:10 - 12681040 _____ (Microsoft Corporation) C:\Users\Anja\Downloads\mm20deu.exe
2014-05-02 22:35 - 2014-05-02 22:58 - 00046303 _____ () C:\Users\Anja\Desktop\Roth.wlmp
2014-05-02 22:25 - 2014-05-02 23:07 - 00000000 ____D () C:\Users\Anja\AppData\Local\Windows Live
2014-05-02 22:24 - 2014-05-02 22:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\{C3B0C39E-62EF-4F20-A354-2EA5562F6B0D}
2014-05-02 22:14 - 2014-05-02 22:14 - 00000043 _____ () C:\Users\Anja\AppData\Roaming\WB.CFG
2014-05-02 21:25 - 2014-05-02 22:21 - 00000000 ____D () C:\Users\Anja\Desktop\Roth Bilder
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2014-05-02 11:55 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 11:55 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 11:55 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 11:55 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 10:10 - 2014-05-02 10:10 - 00000000 ____D () C:\Users\Anja\AppData\Local\{66C44658-4171-4C04-85B8-221E89C332C2}
2014-04-29 21:51 - 2014-04-29 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-29 08:47 - 2014-04-29 08:47 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-23 12:03 - 2014-04-23 12:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-23 10:19 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-23 10:19 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-19 11:31 - 2014-04-19 11:31 - 00001140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
2014-04-19 11:31 - 2014-04-19 11:31 - 00001128 _____ () C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
2014-04-19 11:31 - 2014-04-19 11:31 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-19 11:31 - 2014-04-19 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Videoverwandte Programme
2014-04-19 11:30 - 2014-05-02 08:10 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\vlc
2014-04-19 11:30 - 2014-04-19 11:30 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-19 11:30 - 2014-04-19 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-19 11:29 - 2014-04-19 11:29 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-19 11:21 - 2014-04-19 11:26 - 24677393 _____ () C:\Users\Anja\Downloads\vlc-2.1.3-win32.exe
2014-04-15 10:47 - 2014-04-30 09:42 - 00265227 _____ () C:\Users\Anja\Desktop\Trainingsplan.xlsx
2014-04-14 12:18 - 2014-04-30 07:35 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-14 12:18 - 2014-04-14 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-14 09:54 - 2014-04-30 17:23 - 00000217 _____ () C:\Users\Anja\Desktop\Mündliche.txt
2014-04-13 18:58 - 2014-04-13 18:58 - 00013105 _____ () C:\Users\Anja\Desktop\Triathlon Stand 01.04.2014.xlsx
2014-04-10 21:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 21:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 21:16 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 21:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 21:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 21:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 21:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 21:16 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 21:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 21:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 21:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 21:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 21:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 21:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 21:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 21:16 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 21:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 21:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 21:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 21:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 21:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 21:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 21:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 21:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 21:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 21:16 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 21:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 21:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 21:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 21:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 21:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 21:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 21:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 21:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 21:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 21:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 21:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 21:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 21:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 21:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 21:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 21:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 21:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 21:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-10 15:33 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 15:33 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 15:33 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 15:33 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 15:33 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 15:33 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 15:33 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 15:33 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 15:33 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 15:33 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 15:33 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 15:33 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 15:33 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 15:33 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 15:33 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 15:33 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 15:33 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-07 19:32 - 2014-05-07 12:01 - 00022022 _____ () C:\Users\Anja\Desktop\FRST.txt
2014-05-07 19:31 - 2014-05-07 11:59 - 00000000 ____D () C:\FRST
2014-05-07 18:46 - 2012-08-17 17:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 18:39 - 2013-08-12 18:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 17:00 - 2014-05-06 23:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-07 16:00 - 2011-11-04 21:53 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-05-07 16:00 - 2011-11-04 21:53 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-05-07 16:00 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 15:52 - 2014-05-07 15:52 - 02347384 _____ (ESET) C:\Users\Anja\Desktop\esetsmartinstaller_deu.exe
2014-05-07 15:07 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 15:07 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 15:04 - 2014-05-07 15:04 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-07 15:04 - 2014-05-07 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-07 15:04 - 2014-05-07 15:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-07 15:03 - 2011-12-12 02:33 - 01082761 _____ () C:\Windows\WindowsUpdate.log
2014-05-07 14:59 - 2012-11-08 06:57 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2014-05-07 14:58 - 2013-08-12 18:05 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 14:58 - 2013-07-18 15:07 - 00034330 _____ () C:\Windows\setupact.log
2014-05-07 14:58 - 2013-07-18 15:06 - 00533136 _____ () C:\Windows\PFRO.log
2014-05-07 14:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 14:56 - 2014-05-07 14:55 - 00000000 ____D () C:\AdwCleaner
2014-05-07 14:54 - 2014-05-07 14:54 - 01316991 _____ () C:\Users\Anja\Desktop\adwcleaner.exe
2014-05-07 14:47 - 2011-12-12 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-05-07 12:03 - 2014-05-07 12:02 - 00040498 _____ () C:\Users\Anja\Desktop\Addition.txt
2014-05-07 11:58 - 2014-05-07 11:58 - 02063872 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2014-05-07 11:30 - 2014-05-06 19:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-07 11:22 - 2014-05-06 19:11 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-07 00:11 - 2009-07-14 06:45 - 00348816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-07 00:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-07 00:10 - 2014-05-07 00:10 - 00000000 _____ () C:\Windows\SysWOW64\shoE499.tmp
2014-05-06 23:46 - 2014-05-06 23:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-06 23:42 - 2014-05-06 23:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-06 23:33 - 2013-08-23 12:12 - 00000000 ____D () C:\Users\Anja\Desktop\HEX
2014-05-06 21:15 - 2014-05-06 21:15 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Search The Web
2014-05-06 21:15 - 2014-05-06 21:15 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-05-06 21:15 - 2014-05-06 21:14 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-05-06 21:14 - 2014-05-06 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2014-05-06 21:14 - 2012-08-17 13:22 - 00064808 _____ () C:\Users\Anja\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 19:12 - 2014-05-06 19:12 - 00000000 _____ () C:\autoexec.bat
2014-05-05 17:45 - 2013-11-27 09:15 - 01257043 _____ () C:\Users\Anja\Desktop\Roth-Vorbereitung.logbook
2014-05-05 11:51 - 2013-02-03 20:28 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForAnja.job
2014-05-05 06:29 - 2012-12-09 22:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-05 06:29 - 2012-08-19 17:58 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-02 23:10 - 2014-05-02 23:09 - 12681040 _____ (Microsoft Corporation) C:\Users\Anja\Downloads\mm20deu.exe
2014-05-02 23:07 - 2014-05-02 22:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\Windows Live
2014-05-02 22:58 - 2014-05-02 22:35 - 00046303 _____ () C:\Users\Anja\Desktop\Roth.wlmp
2014-05-02 22:25 - 2014-05-02 22:24 - 00000000 ____D () C:\Users\Anja\AppData\Local\{C3B0C39E-62EF-4F20-A354-2EA5562F6B0D}
2014-05-02 22:21 - 2014-05-02 21:25 - 00000000 ____D () C:\Users\Anja\Desktop\Roth Bilder
2014-05-02 22:14 - 2014-05-02 22:14 - 00000043 _____ () C:\Users\Anja\AppData\Roaming\WB.CFG
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2014-05-02 21:15 - 2013-06-06 10:15 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-02 21:15 - 2013-06-06 10:15 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-02 21:15 - 2012-09-17 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-02 21:14 - 2012-09-17 20:53 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\DVDVideoSoft
2014-05-02 17:32 - 2014-05-05 17:45 - 01255598 ____R () C:\Users\Anja\Desktop\Roth-Vorbereitung~backup-140505.logbook
2014-05-02 10:10 - 2014-05-02 10:10 - 00000000 ____D () C:\Users\Anja\AppData\Local\{66C44658-4171-4C04-85B8-221E89C332C2}
2014-05-02 08:10 - 2014-04-19 11:30 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\vlc
2014-04-30 19:01 - 2013-06-17 12:13 - 00000237 _____ () C:\Users\Anja\Desktop\Kaufliste.txt
2014-04-30 17:23 - 2014-04-14 09:54 - 00000217 _____ () C:\Users\Anja\Desktop\Mündliche.txt
2014-04-30 12:05 - 2012-08-17 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 09:42 - 2014-04-15 10:47 - 00265227 _____ () C:\Users\Anja\Desktop\Trainingsplan.xlsx
2014-04-30 07:35 - 2014-04-14 12:18 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 21:51 - 2014-04-29 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-29 16:01 - 2014-05-02 11:55 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-02 11:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-02 11:55 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-02 11:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 08:47 - 2014-04-29 08:47 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 08:47 - 2012-08-17 17:59 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 08:47 - 2011-11-04 13:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-27 05:59 - 2012-09-18 03:14 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-27 05:59 - 2012-09-18 03:14 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\NCH Software
2014-04-27 05:59 - 2012-09-18 03:14 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-23 12:03 - 2014-04-23 12:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-22 14:23 - 2013-01-19 14:31 - 00007605 _____ () C:\Windows\SysWOW64\SystemData.xml
2014-04-19 11:31 - 2014-04-19 11:31 - 00001140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
2014-04-19 11:31 - 2014-04-19 11:31 - 00001128 _____ () C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
2014-04-19 11:31 - 2014-04-19 11:31 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-19 11:31 - 2014-04-19 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Videoverwandte Programme
2014-04-19 11:31 - 2012-09-18 03:14 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-19 11:30 - 2014-04-19 11:30 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-19 11:30 - 2014-04-19 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-19 11:29 - 2014-04-19 11:29 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-19 11:26 - 2014-04-19 11:21 - 24677393 _____ () C:\Users\Anja\Downloads\vlc-2.1.3-win32.exe
2014-04-16 10:06 - 2012-08-17 15:38 - 00000000 ____D () C:\Users\Anja\AppData\Local\Adobe
2014-04-14 12:18 - 2014-04-14 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-14 12:18 - 2013-08-12 18:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-14 12:18 - 2013-08-12 18:04 - 00000000 ____D () C:\Users\Anja\AppData\Local\Google
2014-04-14 04:24 - 2014-04-23 10:19 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-23 10:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 18:58 - 2014-04-13 18:58 - 00013105 _____ () C:\Users\Anja\Desktop\Triathlon Stand 01.04.2014.xlsx
2014-04-11 13:17 - 2013-08-14 09:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 06:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 21:16 - 2013-01-04 15:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 21:14 - 2012-08-20 19:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Anja\AppData\Local\Temp\Extract.exe
C:\Users\Anja\AppData\Local\Temp\prismsetup.exe
C:\Users\Anja\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja\AppData\Local\Temp\SHSetup.exe
C:\Users\Anja\AppData\Local\Temp\SP55031.exe
C:\Users\Anja\AppData\Local\Temp\SP56750.exe
C:\Users\Anja\AppData\Local\Temp\SP56929.exe
C:\Users\Anja\AppData\Local\Temp\SP57538.exe
C:\Users\Anja\AppData\Local\Temp\SP60864.exe
C:\Users\Anja\AppData\Local\Temp\SP61152.exe
C:\Users\Anja\AppData\Local\Temp\uninst1.exe
C:\Users\Anja\AppData\Local\Temp\{1F336A12-876C-4180-B828-8861674E3DCD}.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-14 06:00
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Anja at 2014-05-07 19:32:21
Running from C:\Users\Anja\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Panda Cloud Antivirus (Disabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Cloud Antivirus (Disabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.139 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.0817.2216.38121 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0817.2216.38121 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0817.2216.38121 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0817.2216.38121 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0817.2216.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0817.2215.38121 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0817.2216.38121 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Coollector (HKLM-x32\...\Coollector) (Version: - )
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4528 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EMDB 1.99 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.1.6599 - Thomson Reuters)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Training Center (HKLM-x32\...\{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}) (Version: 3.4.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GCstar 1.6.1 (HKLM-x32\...\GCstar) (Version: 1.6.1 - Tian)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{4741965C-AFD0-4D00-81D1-1039F96D4DC3}) (Version: 5.3.0.264 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Panda Cloud Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 02.03.00.0000 - Panda Security)
Panda Cloud Antivirus (Version: 6.06.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.2.0.4 - Panda Security and Visicom Media Inc.)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.0.16 - Panda Security)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prism Videodatei-Konverter (HKLM-x32\...\Prism) (Version: 2.09 - NCH Software)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.13.0 - Ralink)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SportTracks 2.1 (HKLM-x32\...\{E6FA148F-1E7D-4A42-A9A2-7DFABC2C6A2B}) (Version: 2.1.3478 - Zone Five Software)
Switch Audiodatei-Konverter (HKLM-x32\...\Switch) (Version: - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_EXCEL_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_POWERPOINT_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_POWERPOINT_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_WORD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VIP Access SDK (1.0.1.2) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.17 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Restore Points =========================
10-04-2014 19:13:01 Windows Update
15-04-2014 17:01:41 Windows Update
22-04-2014 07:30:51 Windows Update
23-04-2014 10:02:41 Windows Update
29-04-2014 05:50:09 Windows Update
02-05-2014 09:55:08 Windows Update
06-05-2014 12:03:30 Windows Update
06-05-2014 17:11:54 Installed SpyHunter
06-05-2014 19:17:10 Removed SpyHunter
07-05-2014 09:20:23 Removed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00639299-1381-45B6-AB51-83A90F8E5E0E} - \User_Feed_Synchronization-{5D322BF4-78E5-42C3-B904-7D03DCB1AD02} No Task File <==== ATTENTION
Task: {09B2C2B5-6199-4B04-9FEC-985DCBE6E56E} - \MirageAgent No Task File <==== ATTENTION
Task: {2E42AF4D-2253-48A9-BBFE-E10721B08795} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3F865D1E-728D-407A-A80D-639466ABB6A6} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {587C3414-216A-41DA-9226-7C9A4E68CCB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {81305E39-6BDC-4C2B-B15D-345E1C9C4456} - \HPCeeScheduleForAnja No Task File <==== ATTENTION
Task: {98AF74A3-D77D-4E58-8CD1-DFE3F8248C7A} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {B62AFC9E-12EF-4CEA-A7EB-D8289401686E} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {BCF787F3-54F8-41DC-BBCA-682503EC00E5} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {D503BDFA-8E47-451D-922E-3835E469AC50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F0CCEA55-D108-491F-B74B-48FE0DFE3C35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {FBC93868-9157-4A30-9099-3C619B12FBF9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAnja.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-08-09 17:44 - 2011-08-09 17:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-08-17 23:14 - 2011-08-17 23:14 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-09-02 11:49 - 2011-09-02 11:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\SQLite3.dll
2014-04-29 21:51 - 2014-04-29 21:51 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-03-20 19:40 - 2013-03-20 19:40 - 00122880 _____ () C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll
2014-02-14 23:30 - 2014-02-14 23:30 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-12-12 02:32 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-29 08:47 - 2014-04-29 08:47 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: MMReminderService => C:\Program Files (x86)\Mindjet\MindManager 11\MMReminderService.exe
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/07/2014 07:26:41 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:53:09 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:53:04 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:53:04 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:52:59 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:52:50 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 03:08:51 PM) (Source: CVHSVC) (User: ) (EventID: 100)
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Error: (05/07/2014 02:59:01 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/07/2014 02:48:31 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/07/2014 02:37:04 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/05/2014 11:57:45 AM) (Source: bowser) (User: ) (EventID: 8003)
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ!NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{48A565F2-A795-46C3-805F-5279DA929E6A}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (05/05/2014 11:52:21 AM) (Source: NetBT) (User: ) (EventID: 4321)
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.27
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/02/2014 01:35:26 PM) (Source: Service Control Manager) (User: ) (EventID: 7022)
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/02/2014 11:55:32 AM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (04/30/2014 04:57:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/30/2014 04:57:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
Error: (04/27/2014 05:50:21 AM) (Source: NetBT) (User: ) (EventID: 4321)
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.27
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/25/2014 09:25:52 AM) (Source: NetBT) (User: ) (EventID: 4321)
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.27
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/23/2014 10:10:43 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/23/2014 10:10:43 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 4043.86 MB
Available physical RAM: 1582.95 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5306.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:273.32 GB) (Free:166.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:20.61 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
Drive g: (USB-HDD) (Fixed) (Total:1396.92 GB) (Free:1372.06 GB) FAT32
Drive h: (USB DISK) (Removable) (Total:3.72 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 257422C2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=273 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
========================================================
Disk: 1 (Size: 1397 GB) (Disk ID: AA43B183)
Partition 1: (Not Active) - (Size=-698723990528) - (Type=0C)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End Of Log ============================ |