MaKenobby | 20.05.2014 08:57 | Hi Schrauber,
schön das Du mir noch einmal hilfst.
Hier die FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Martina (administrator) on MARTINA-PC on 20-05-2014 09:52:42
Running from C:\Users\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-690356491-1174369309-2236414189-1000\...\Run: [] => [X]
HKU\S-1-5-21-690356491-1174369309-2236414189-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-690356491-1174369309-2236414189-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Martina\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=9427094b7add47d39ca80919a0d8b530-e0c1b7bcbd5fbcb6eb432da5ca2d2cff55523c66 /CMPID=1213b
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386605906&from=tugs&uid=TOSHIBAXDT01ACA100_X384KT6NSXXX384KT6NSX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386605906&from=tugs&uid=TOSHIBAXDT01ACA100_X384KT6NSXXX384KT6NSX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386605906&from=tugs&uid=TOSHIBAXDT01ACA100_X384KT6NSXXX384KT6NSX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386605906&from=tugs&uid=TOSHIBAXDT01ACA100_X384KT6NSXXX384KT6NSX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {FC739C94-F44E-4EBA-9B70-87AB45DFD999} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {FC739C94-F44E-4EBA-9B70-87AB45DFD999} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\..\Interfaces\{0F245E3B-7DC2-4299-BED7-9089C5A77AA1}: [NameServer]62.109.121.2 62.109.121.1
Tcpip\..\Interfaces\{441E04CD-6116-4027-919E-D2D34375EACE}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1386605906&from=tugs&uid=TOSHIBAXDT01ACA100_X384KT6NSXXX384KT6NSX
FF Homepage: about:blank
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-25]
FF Extension: Noia 4 Theme Manager - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\Noia4Options@ArisT2.xpi [2013-11-03]
FF Extension: Noia Fox options - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2013-11-03]
FF Extension: Personas Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\personas@christopher.beard.xpi [2013-11-03]
FF Extension: No Name - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2013-11-03]
FF Extension: AniWeather - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2013-11-03]
FF Extension: KOLOBOK Smiles - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6}.xpi [2013-11-03]
FF Extension: eCleaner - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi [2013-11-03]
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2013-11-03]
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-03]
FF Extension: BetterPrivacy - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-12-09]
FF Extension: Extended Statusbar - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\wcyk0en5.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2013-11-03]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-11-16] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-11-16] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 DIRECTIO; \??\UNC\srv1c027.wds8.intern\reminst\Test\BitPro64\DirectIo.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-20 09:52 - 2014-05-20 09:52 - 00010911 _____ () C:\Users\Martina\Desktop\FRST.txt
2014-05-20 09:52 - 2014-05-20 09:52 - 00000000 ____D () C:\FRST
2014-05-20 09:51 - 2014-05-20 09:51 - 02067456 _____ (Farbar) C:\Users\Martina\Desktop\FRST64.exe
2014-05-20 07:38 - 2014-05-20 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 15:52 - 2014-05-17 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tradewinds Caravans
2014-05-16 20:03 - 2014-05-16 20:03 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-05-16 20:03 - 2014-05-16 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-05-16 19:48 - 2014-05-16 19:48 - 00001743 _____ () C:\Users\Public\Desktop\The Snow Fable.lnk
2014-05-16 19:48 - 2014-05-16 19:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Snow Fable
2014-05-16 19:48 - 2014-05-16 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Snow Fable
2014-05-15 18:42 - 2014-05-15 18:42 - 00001888 _____ () C:\Users\Martina\Desktop\Mystika 2 - The Sanctuary.lnk
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\unikgame
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystika 2 - The Sanctuary
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystika 2 - The Sanctuary
2014-05-14 23:24 - 2014-05-15 00:39 - 00000000 ____D () C:\Users\Martina\Documents\Big Bang West
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-13 00:36 - 2014-05-13 00:36 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\GameInvest
2014-05-13 00:34 - 2014-05-13 00:34 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
2014-05-13 00:34 - 2014-05-13 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
2014-05-11 09:46 - 2014-05-11 09:46 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forgotten Books - The Enchanted Crown Collectors Edition
2014-05-11 09:46 - 2014-05-11 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forgotten Books - The Enchanted Crown Collectors Edition
2014-05-07 13:01 - 2014-05-07 13:01 - 00017047 _____ () C:\Users\Martina\Documents\Mietvertrag Wohnungsbörse.odt
2014-05-04 16:54 - 2014-05-04 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-03 08:27 - 2014-05-03 08:30 - 00000000 ____D () C:\ProgramData\Emberwind
2014-05-03 08:25 - 2014-05-03 08:25 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-02 12:23 - 2014-05-02 12:23 - 00000000 ____D () C:\ProgramData\Magic-Heroes
2014-05-02 12:06 - 2014-05-02 12:06 - 00001923 _____ () C:\Users\Public\Desktop\Magic Heroes - Save Our Park.lnk
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Heroes - Save Our Park
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Heroes - Save Our Park
2014-05-01 13:19 - 2014-05-03 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2014-05-01 13:19 - 2014-05-03 08:34 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2014-04-30 18:55 - 2014-05-01 13:20 - 00000000 ____D () C:\ProgramData\Trymedia
2014-04-30 18:55 - 2014-04-30 18:55 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-04-30 18:55 - 2014-04-30 18:55 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-04-30 18:52 - 2014-04-30 18:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\WinRAR
2014-04-27 18:54 - 2014-04-27 18:54 - 00000000 ____D () C:\Users\Martina\Documents\PassionFruit Games
2014-04-26 21:36 - 2014-04-26 21:36 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\LDW
2014-04-26 21:11 - 2014-05-11 17:00 - 00000000 ____D () C:\Users\Martina\Documents\LDW
2014-04-26 21:06 - 2014-04-26 21:06 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tiger Eye - Part I - Curse of the Riddle Box
2014-04-26 21:06 - 2014-04-26 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tiger Eye - Part I - Curse of the Riddle Box
2014-04-23 18:52 - 2014-04-23 18:52 - 00000000 ____D () C:\ProgramData\Beanbag Studios
2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Brainiversity2
2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\ProgramData\MisteryRiddles
2014-04-23 17:45 - 2014-04-23 17:45 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brain Training for Dummies
2014-04-23 17:45 - 2014-04-23 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brain Training for Dummies
2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Riddles
2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Riddles
2014-04-20 09:01 - 2014-04-20 09:01 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Archie - Riverdale Rescue
2014-04-20 09:01 - 2014-04-20 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Archie - Riverdale Rescue
==================== One Month Modified Files and Folders =======
2014-05-20 09:52 - 2014-05-20 09:52 - 00010911 _____ () C:\Users\Martina\Desktop\FRST.txt
2014-05-20 09:52 - 2014-05-20 09:52 - 00000000 ____D () C:\FRST
2014-05-20 09:51 - 2014-05-20 09:51 - 02067456 _____ (Farbar) C:\Users\Martina\Desktop\FRST64.exe
2014-05-20 08:35 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 08:35 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 08:34 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-05-20 08:34 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-05-20 08:34 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-20 08:32 - 2013-11-03 20:32 - 02058373 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 08:28 - 2013-11-17 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 08:28 - 2013-11-03 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-20 08:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 08:28 - 2009-07-14 06:51 - 00072919 _____ () C:\Windows\setupact.log
2014-05-20 08:26 - 2014-04-04 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-20 07:38 - 2014-05-20 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 20:32 - 2013-11-13 15:35 - 00000000 ___RD () C:\Users\Martina\Desktop\Mieter & Verträge
2014-05-18 06:28 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-17 18:23 - 2013-11-17 22:37 - 00000000 ___RD () C:\Users\Martina\Desktop\Games
2014-05-17 15:52 - 2014-05-17 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tradewinds Caravans
2014-05-17 15:52 - 2013-12-11 01:00 - 00000000 ____D () C:\Spiele (Programme)
2014-05-17 15:52 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-17 15:50 - 2013-12-10 12:02 - 00000000 ____D () C:\BigFishCache
2014-05-16 20:04 - 2014-02-13 01:47 - 00001722 _____ () C:\Users\Public\Desktop\Farm Up.lnk
2014-05-16 20:03 - 2014-05-16 20:03 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-05-16 20:03 - 2014-05-16 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-05-16 19:59 - 2013-11-18 16:15 - 00000000 ___RD () C:\MaBluEden
2014-05-16 19:59 - 2013-11-04 23:18 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Realore
2014-05-16 19:48 - 2014-05-16 19:48 - 00001743 _____ () C:\Users\Public\Desktop\The Snow Fable.lnk
2014-05-16 19:48 - 2014-05-16 19:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Snow Fable
2014-05-16 19:48 - 2014-05-16 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Snow Fable
2014-05-16 19:40 - 2013-11-17 18:20 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-05-15 18:42 - 2014-05-15 18:42 - 00001888 _____ () C:\Users\Martina\Desktop\Mystika 2 - The Sanctuary.lnk
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\unikgame
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystika 2 - The Sanctuary
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystika 2 - The Sanctuary
2014-05-15 00:39 - 2014-05-14 23:24 - 00000000 ____D () C:\Users\Martina\Documents\Big Bang West
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-13 00:36 - 2014-05-13 00:36 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\GameInvest
2014-05-13 00:34 - 2014-05-13 00:34 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
2014-05-13 00:34 - 2014-05-13 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
2014-05-11 21:27 - 2013-11-06 08:46 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\AlawarEntertainment
2014-05-11 17:12 - 2013-12-24 23:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\ERS Game Studios
2014-05-11 17:00 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Martina\Documents\LDW
2014-05-11 09:46 - 2014-05-11 09:46 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forgotten Books - The Enchanted Crown Collectors Edition
2014-05-11 09:46 - 2014-05-11 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forgotten Books - The Enchanted Crown Collectors Edition
2014-05-08 08:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-07 13:01 - 2014-05-07 13:01 - 00017047 _____ () C:\Users\Martina\Documents\Mietvertrag Wohnungsbörse.odt
2014-05-04 16:55 - 2014-05-04 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-03 08:34 - 2014-05-01 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2014-05-03 08:34 - 2014-05-01 13:19 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2014-05-03 08:30 - 2014-05-03 08:27 - 00000000 ____D () C:\ProgramData\Emberwind
2014-05-03 08:25 - 2014-05-03 08:25 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-03 08:25 - 2014-05-03 08:25 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-02 12:23 - 2014-05-02 12:23 - 00000000 ____D () C:\ProgramData\Magic-Heroes
2014-05-02 12:06 - 2014-05-02 12:06 - 00001923 _____ () C:\Users\Public\Desktop\Magic Heroes - Save Our Park.lnk
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Heroes - Save Our Park
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Heroes - Save Our Park
2014-05-01 13:46 - 2013-11-17 16:18 - 00000000 ____D () C:\Users\Martina\AppData\Local\VirtualStore
2014-05-01 13:20 - 2014-04-30 18:55 - 00000000 ____D () C:\ProgramData\Trymedia
2014-05-01 13:19 - 2013-11-03 20:34 - 00000000 ____D () C:\Users\Martina
2014-04-30 18:55 - 2014-04-30 18:55 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-04-30 18:55 - 2014-04-30 18:55 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-04-30 18:55 - 2013-11-13 17:01 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\PlayFirst
2014-04-30 18:52 - 2014-04-30 18:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\WinRAR
2014-04-27 18:54 - 2014-04-27 18:54 - 00000000 ____D () C:\Users\Martina\Documents\PassionFruit Games
2014-04-26 21:36 - 2014-04-26 21:36 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\LDW
2014-04-26 21:06 - 2014-04-26 21:06 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tiger Eye - Part I - Curse of the Riddle Box
2014-04-26 21:06 - 2014-04-26 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tiger Eye - Part I - Curse of the Riddle Box
2014-04-23 18:52 - 2014-04-23 18:52 - 00000000 ____D () C:\ProgramData\Beanbag Studios
2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Brainiversity2
2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\ProgramData\MisteryRiddles
2014-04-23 17:45 - 2014-04-23 17:45 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brain Training for Dummies
2014-04-23 17:45 - 2014-04-23 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brain Training for Dummies
2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Riddles
2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Riddles
2014-04-20 09:02 - 2014-04-05 15:17 - 00001890 _____ () C:\Users\Public\Desktop\Archie - Riverdale Rescue.lnk
2014-04-20 09:01 - 2014-04-20 09:01 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Archie - Riverdale Rescue
2014-04-20 09:01 - 2014-04-20 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Archie - Riverdale Rescue
Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\AlawarGameBoxSetup.exe
C:\Users\Martina\AppData\Local\Temp\bfguni.exe
C:\Users\Martina\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Martina\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Martina\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\tempmessage.bfg
C:\Users\Martina\AppData\Local\Temp\uninstall.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 10:00
==================== End Of Log ============================ --- --- ---
und die Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Martina at 2014-05-20 09:53:12
Running from C:\Users\Martina\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
4 Elements (HKLM-x32\...\BFG-4 Elements) (Version: - )
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Album Shaper 2.1 (HKLM-x32\...\AlbumShaper_2.1) (Version: - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{F87F5A36-43B2-F8CD-F601-AED5D064DD4C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD USB 3.0 Device Detector (Version: 2.1.29.0 - Advanced Micro Devices, Inc.) Hidden
Archie: Riverdale Rescue (HKLM-x32\...\BFG-Archie - Riverdale Rescue) (Version: - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
Awakening: Moonfell Wood (HKLM-x32\...\BFG-Awakening - Moonfell Wood) (Version: - )
Awakening: Schloss ohne Träume (HKLM-x32\...\BFG-Awakening - Schloss ohne Traeume) (Version: - )
Azada: Elementa (HKLM-x32\...\BFG-Azada - Elementa) (Version: - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Botanica: Into the Unknown Collector's Edition (HKLM-x32\...\BFG-Botanica - Into the Unknown Collector's Edition) (Version: - )
Brain Training for Dummies (HKLM-x32\...\BFG-Brain Training for Dummies) (Version: - )
Brunhilda and the Dark Crystal (HKLM-x32\...\BFG-Brunhilda and the Dark Crystal) (Version: - )
Buku Kakuro (HKLM-x32\...\BFG-Buku Kakuro) (Version: - )
Canon iP7200 series Benutzerregistrierung (HKLM-x32\...\Canon iP7200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
Christmas Tales: Fellina's Journey (HKLM-x32\...\BFG-Christmas Tales - Fellina's Journey) (Version: - )
Corel Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Death at Cape Porto: A Dana Knightstone Novel Collector’s Edition (HKLM-x32\...\BFG-Death at Cape Porto - A Dana Knightstone Novel Collectors Edition) (Version: - )
Delicious Promo (HKLM-x32\...\8b567f6f25e6a3d6abf028aeb1d36a31) (Version: - Zylom)
Dream Hills: Captured Magic (HKLM-x32\...\BFG-Dream Hills - Captured Magic) (Version: - )
Druid Kingdom (HKLM-x32\...\BFG-Druid Kingdom) (Version: - )
Elven Mists (HKLM-x32\...\BFG-Elven Mists) (Version: - )
Experiment (HKLM-x32\...\BFG-Experiment) (Version: - )
Fairy Jewels 2 (HKLM-x32\...\BFG-Fairy Jewels 2) (Version: - )
Farm Up (HKLM-x32\...\BFG-Farm Up) (Version: - )
Farmington Tales (HKLM-x32\...\BFG-Farmington Tales) (Version: - )
Farmington Tales 2: Winter Crop (HKLM-x32\...\BFG-Farmington Tales 2 - Winter Crop) (Version: - )
Flights of Fancy: Two Doves Collector's Edition (HKLM-x32\...\BFG-Flights of Fancy - Two Doves Collectors Edition) (Version: - )
Forgotten Books: The Enchanted Crown Collector's Edition (HKLM-x32\...\BFG-Forgotten Books - The Enchanted Crown Collectors Edition) (Version: - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gardenscapes 2 (HKLM-x32\...\BFG-Gardenscapes 2) (Version: - )
Gemini Lost(TM) (HKLM-x32\...\ed32be8786d48de6888566889c3be6eb) (Version: - Zylom)
Great Adventures: Lost in Mountains (HKLM-x32\...\BFG-Great Adventures - Lost in Mountains) (Version: - )
Green City (HKLM-x32\...\BFG-Green City) (Version: - )
Green City 2 (HKLM-x32\...\BFG-Green City 2) (Version: - )
Inbetween Land (HKLM-x32\...\BFG-Inbetween Land) (Version: - )
Island Tribe 5 (HKLM-x32\...\BFG-Island Tribe 5) (Version: - )
Jack of All Tribes (HKLM-x32\...\BFG-Jack of All Tribes) (Version: - )
Jewel Master - Cradle Of Rome (HKLM-x32\...\{BD11E3C6-065E-40BB-A129-435C4530A159}_is1) (Version: - cerasus.media GmbH)
Journey: The Heart of Gaia (HKLM-x32\...\BFG-Journey - The Heart of Gaia) (Version: - )
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Keepsake (HKLM-x32\...\Keepsake) (Version: - )
Kingdom Chronicles (HKLM-x32\...\BFG-Kingdom Chronicles) (Version: - )
Kingdom Tales (HKLM-x32\...\BFG-Kingdom Tales) (Version: - )
Kingdom's Heyday (HKLM-x32\...\BFG-Kingdom's Heyday) (Version: - )
LibreOffice 4.1.0.4 (HKLM-x32\...\{F8478020-D98E-49FB-BA14-07A534AED99C}) (Version: 4.1.0.4 - The Document Foundation)
Love Story: The Way Home (HKLM-x32\...\BFG-Love Story - The Way Home) (Version: - )
Magic Encyclopedia: Illusions (HKLM-x32\...\BFG-Magic Encyclopedia - Illusions) (Version: - )
Magic Heroes: Save Our Park (HKLM-x32\...\BFG-Magic Heroes - Save Our Park) (Version: - )
Mahjong Holidays 2006 (HKLM-x32\...\BFG-Mahjong Holidays 2006) (Version: - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 FRA Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Moai: Build Your Dream (HKLM-x32\...\BFG-Moai - Build Your Dream) (Version: - )
Module linguistique de Microsoft .NET Framework 4.5 - FRA (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50709 - Microsoft Corporation)
Mosaics Galore (HKLM-x32\...\BFG-Mosaics Galore) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Kingdom for the Princess IV (HKLM-x32\...\BFG-My Kingdom for the Princess IV) (Version: - )
Mystery Riddles (HKLM-x32\...\BFG-Mystery Riddles) (Version: - )
Mystika 2: The Sanctuary (HKLM-x32\...\BFG-Mystika 2 - The Sanctuary) (Version: - )
Mythic Mahjong (HKLM-x32\...\BFG-Mythic Mahjong) (Version: - )
Nearwood Collector's Edition (HKLM-x32\...\BFG-Nearwood Collector's Edition) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Northern Tale 2 (HKLM-x32\...\BFG-Northern Tale 2) (Version: - )
Northern Tale 3 (HKLM-x32\...\BFG-Northern Tale 3) (Version: - )
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Otherworld: Omens of Summer Collector's Edition (HKLM-x32\...\BFG-Otherworld - Omens of Summer Collector's Edition) (Version: - )
Otherworld: Shades of Fall Collector's Edition (HKLM-x32\...\BFG-Otherworld - Shades of Fall Collectors Edition) (Version: - )
Patchworkz™ (HKLM-x32\...\BFG-Patchworkz) (Version: - )
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Revived Legends: Road of the Kings Collector's Edition (HKLM-x32\...\BFG-Revived Legends - Road of the Kings Collectors Edition) (Version: - )
Royal Envoy 3 Collector's Edition (HKLM-x32\...\Royal Envoy 3 Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Royal Envoy Campaign for the Crown Collector's Edition (HKLM-x32\...\Royal Envoy Campaign for the Crown Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Royal Trouble (HKLM-x32\...\BFG-Royal Trouble) (Version: - )
Rush for Gold: California (HKLM-x32\...\BFG-Rush for Gold - California) (Version: - )
Settlement: Colossus (HKLM-x32\...\BFG-Settlement - Colossus) (Version: - )
Shaolin Mystery: Tale of the Jade Dragon Staff (HKLM-x32\...\BFG-Shaolin Mystery - Tale of the Jade Dragon Staff) (Version: - )
Snark Busters: Welcome to the Club (HKLM-x32\...\BFG-Snark Busters - Welcome to the Club) (Version: - )
Space Mahjong (HKLM-x32\...\BFG-Space Mahjong) (Version: - )
Spirits of Mystery: The Dark Minotaur Collector's Edition (HKLM-x32\...\BFG-Spirits of Mystery - The Dark Minotaur Collector's Edition) (Version: - )
Spirits of Mystery: The Silver Arrow Collector's Edition (HKLM-x32\...\BFG-Spirits of Mystery - The Silver Arrow Collectors Edition) (Version: - )
Summer Mahjong (HKLM-x32\...\BFG-Summer Mahjong) (Version: - )
Tales of Lagoona 2: Peril at Poseidon Park (HKLM-x32\...\BFG-Tales of Lagoona 2 - Peril at Poseidon Park) (Version: - )
Tales of Lagoona: Orphans of the Ocean (HKLM-x32\...\BFG-Tales of Lagoona - Orphans of the Ocean) (Version: - )
The Enchanting Islands (HKLM-x32\...\BFG-The Enchanting Islands) (Version: - )
The Far Kingdoms (HKLM-x32\...\BFG-The Far Kingdoms) (Version: - )
The Golden Years: Way Out West (HKLM-x32\...\BFG-The Golden Years - Way Out West) (Version: - )
The Island: Castaway (HKLM-x32\...\BFG-The Island - Castaway) (Version: - )
The Promised Land (HKLM-x32\...\BFG-The Promised Land) (Version: - )
The Snow Fable (HKLM-x32\...\BFG-The Snow Fable) (Version: - )
The Tiny Bang Story (HKLM-x32\...\BFG-The Tiny Bang Story) (Version: - )
The Whispered World (HKLM-x32\...\{BD009869-6498-4CF9-9016-E9EA6E3742B2}) (Version: 1.00 - Deep Silver)
Tiger Eye - Part I: Curse of the Riddle Box (HKLM-x32\...\BFG-Tiger Eye - Part I - Curse of the Riddle Box) (Version: - )
Tradewinds Caravans (HKLM-x32\...\BFG-Tradewinds Caravans) (Version: - )
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation)
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Viking Saga: New World (HKLM-x32\...\BFG-Viking Saga - New World) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Wonderburg (HKLM-x32\...\BFG-Wonderburg) (Version: - )
World of Zellians: Kingdom Builder ™ (HKLM-x32\...\BFG-World of Zellians - Kingdom Builder) (Version: - )
ZenGems (HKLM-x32\...\BFG-ZenGems) (Version: - )
==================== Restore Points =========================
24-04-2014 10:41:08 Geplanter Prüfpunkt
29-04-2014 19:24:41 Installed AVG 2014
03-05-2014 06:24:57 DirectX wurde installiert
10-05-2014 09:17:26 Geplanter Prüfpunkt
17-05-2014 15:37:28 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-12-09 21:02 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {6DF46B77-9479-4A12-AE04-B60AAE2761BE} - System32\Tasks\{FA308BDD-39C6-447C-B946-04EDB95DF9CA} => C:\Program Files (x86)\LibreOffice 4\program\soffice.exe [2013-07-23] (The Document Foundation)
==================== Loaded Modules (whitelisted) =============
2013-10-02 21:29 - 2013-10-02 21:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2014-05-20 07:38 - 2014-05-20 07:38 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:00F3978A
AlternateDataStreams: C:\ProgramData\TEMP:07D64CD9
AlternateDataStreams: C:\ProgramData\TEMP:08B7D3D2
AlternateDataStreams: C:\ProgramData\TEMP:0AF6266B
AlternateDataStreams: C:\ProgramData\TEMP:0BF4DA47
AlternateDataStreams: C:\ProgramData\TEMP:0CDF8C3D
AlternateDataStreams: C:\ProgramData\TEMP:0D0F6CE7
AlternateDataStreams: C:\ProgramData\TEMP:0EBD727C
AlternateDataStreams: C:\ProgramData\TEMP:0F3F6B1E
AlternateDataStreams: C:\ProgramData\TEMP:124B94C0
AlternateDataStreams: C:\ProgramData\TEMP:12A012A1
AlternateDataStreams: C:\ProgramData\TEMP:132714FA
AlternateDataStreams: C:\ProgramData\TEMP:14362DF8
AlternateDataStreams: C:\ProgramData\TEMP:16F42F1F
AlternateDataStreams: C:\ProgramData\TEMP:18345E10
AlternateDataStreams: C:\ProgramData\TEMP:19C541B5
AlternateDataStreams: C:\ProgramData\TEMP:1CDEDE11
AlternateDataStreams: C:\ProgramData\TEMP:206470A5
AlternateDataStreams: C:\ProgramData\TEMP:213AFE42
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:32AA69ED
AlternateDataStreams: C:\ProgramData\TEMP:4111E573
AlternateDataStreams: C:\ProgramData\TEMP:413177C4
AlternateDataStreams: C:\ProgramData\TEMP:4149A170
AlternateDataStreams: C:\ProgramData\TEMP:425759C6
AlternateDataStreams: C:\ProgramData\TEMP:432EC713
AlternateDataStreams: C:\ProgramData\TEMP:43DA85AC
AlternateDataStreams: C:\ProgramData\TEMP:45335F0B
AlternateDataStreams: C:\ProgramData\TEMP:4AA2F6A9
AlternateDataStreams: C:\ProgramData\TEMP:4C16B46B
AlternateDataStreams: C:\ProgramData\TEMP:4C3504B5
AlternateDataStreams: C:\ProgramData\TEMP:4F7D133D
AlternateDataStreams: C:\ProgramData\TEMP:5106F19A
AlternateDataStreams: C:\ProgramData\TEMP:52329B88
AlternateDataStreams: C:\ProgramData\TEMP:52A22573
AlternateDataStreams: C:\ProgramData\TEMP:54531C7D
AlternateDataStreams: C:\ProgramData\TEMP:5607B58C
AlternateDataStreams: C:\ProgramData\TEMP:5C02B7AF
AlternateDataStreams: C:\ProgramData\TEMP:5C9A6C78
AlternateDataStreams: C:\ProgramData\TEMP:5E209A50
AlternateDataStreams: C:\ProgramData\TEMP:5E9E3A14
AlternateDataStreams: C:\ProgramData\TEMP:60C897F3
AlternateDataStreams: C:\ProgramData\TEMP:60F5A2F7
AlternateDataStreams: C:\ProgramData\TEMP:61C6B926
AlternateDataStreams: C:\ProgramData\TEMP:6352F3F9
AlternateDataStreams: C:\ProgramData\TEMP:663B62CA
AlternateDataStreams: C:\ProgramData\TEMP:67396145
AlternateDataStreams: C:\ProgramData\TEMP:6765A8A9
AlternateDataStreams: C:\ProgramData\TEMP:691F4D97
AlternateDataStreams: C:\ProgramData\TEMP:6D65CED0
AlternateDataStreams: C:\ProgramData\TEMP:71112705
AlternateDataStreams: C:\ProgramData\TEMP:7687A3E3
AlternateDataStreams: C:\ProgramData\TEMP:78739EC9
AlternateDataStreams: C:\ProgramData\TEMP:7EC01D6D
AlternateDataStreams: C:\ProgramData\TEMP:865F21BF
AlternateDataStreams: C:\ProgramData\TEMP:86A7B7DD
AlternateDataStreams: C:\ProgramData\TEMP:8967C154
AlternateDataStreams: C:\ProgramData\TEMP:89A5891E
AlternateDataStreams: C:\ProgramData\TEMP:8AED9359
AlternateDataStreams: C:\ProgramData\TEMP:8B3C3098
AlternateDataStreams: C:\ProgramData\TEMP:8C12CFCD
AlternateDataStreams: C:\ProgramData\TEMP:8CCDAB14
AlternateDataStreams: C:\ProgramData\TEMP:8DC85A87
AlternateDataStreams: C:\ProgramData\TEMP:8DD20B4A
AlternateDataStreams: C:\ProgramData\TEMP:91FF95D8
AlternateDataStreams: C:\ProgramData\TEMP:928DF32E
AlternateDataStreams: C:\ProgramData\TEMP:96838F8A
AlternateDataStreams: C:\ProgramData\TEMP:9A88B65D
AlternateDataStreams: C:\ProgramData\TEMP:9D0A16E4
AlternateDataStreams: C:\ProgramData\TEMP:9D2DE4B4
AlternateDataStreams: C:\ProgramData\TEMP:A43B789A
AlternateDataStreams: C:\ProgramData\TEMP:A479BCC9
AlternateDataStreams: C:\ProgramData\TEMP:A6A65B80
AlternateDataStreams: C:\ProgramData\TEMP:A6CDBCAC
AlternateDataStreams: C:\ProgramData\TEMP:A8369371
AlternateDataStreams: C:\ProgramData\TEMP:A899E64E
AlternateDataStreams: C:\ProgramData\TEMP:AA18FA3A
AlternateDataStreams: C:\ProgramData\TEMP:AA93EFD3
AlternateDataStreams: C:\ProgramData\TEMP:AAAAEECA
AlternateDataStreams: C:\ProgramData\TEMP:AB03533D
AlternateDataStreams: C:\ProgramData\TEMP:B01EC114
AlternateDataStreams: C:\ProgramData\TEMP:B4530133
AlternateDataStreams: C:\ProgramData\TEMP:B8408597
AlternateDataStreams: C:\ProgramData\TEMP:BACC4A79
AlternateDataStreams: C:\ProgramData\TEMP:BAFAD1DF
AlternateDataStreams: C:\ProgramData\TEMP:BD932D90
AlternateDataStreams: C:\ProgramData\TEMP:C46848E8
AlternateDataStreams: C:\ProgramData\TEMP:C5340FA1
AlternateDataStreams: C:\ProgramData\TEMP:C69BA1D0
AlternateDataStreams: C:\ProgramData\TEMP:CAF8DAC8
AlternateDataStreams: C:\ProgramData\TEMP:CB959782
AlternateDataStreams: C:\ProgramData\TEMP:CBAB74CB
AlternateDataStreams: C:\ProgramData\TEMP:CD5D93E7
AlternateDataStreams: C:\ProgramData\TEMP:CE707633
AlternateDataStreams: C:\ProgramData\TEMP:D01ACC06
AlternateDataStreams: C:\ProgramData\TEMP:D418CF95
AlternateDataStreams: C:\ProgramData\TEMP:D61EB62D
AlternateDataStreams: C:\ProgramData\TEMP:D64DD961
AlternateDataStreams: C:\ProgramData\TEMP:D750EF68
AlternateDataStreams: C:\ProgramData\TEMP:D7C0213D
AlternateDataStreams: C:\ProgramData\TEMP:D8D58038
AlternateDataStreams: C:\ProgramData\TEMP:E1ABC2C7
AlternateDataStreams: C:\ProgramData\TEMP:E266F325
AlternateDataStreams: C:\ProgramData\TEMP:E446CB48
AlternateDataStreams: C:\ProgramData\TEMP:E96A2658
AlternateDataStreams: C:\ProgramData\TEMP:EC769091
AlternateDataStreams: C:\ProgramData\TEMP:ED6B6C83
AlternateDataStreams: C:\ProgramData\TEMP:ED92736E
AlternateDataStreams: C:\ProgramData\TEMP:EFECABA9
AlternateDataStreams: C:\ProgramData\TEMP:F123F8B9
AlternateDataStreams: C:\ProgramData\TEMP:F2AF86D9
AlternateDataStreams: C:\ProgramData\TEMP:F2E878EB
AlternateDataStreams: C:\ProgramData\TEMP:F4362715
AlternateDataStreams: C:\ProgramData\TEMP:F6910DB1
AlternateDataStreams: C:\ProgramData\TEMP:FC414D14
AlternateDataStreams: C:\ProgramData\TEMP:FD786DCA
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
HKU\S-1-5-21-690356491-1174369309-2236414189-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-690356491-1174369309-2236414189-1000\Software\Classes\exefile: <===== ATTENTION!
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/20/2014 08:30:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2014 08:29:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/20/2014 08:29:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/20/2014 07:00:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2014 06:58:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/20/2014 06:58:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/19/2014 08:54:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2014 08:53:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/19/2014 08:53:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/19/2014 04:39:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/20/2014 08:28:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/20/2014 06:58:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/19/2014 08:52:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/19/2014 04:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/19/2014 07:23:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/18/2014 06:28:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/17/2014 02:44:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/17/2014 11:34:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/17/2014 08:24:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/16/2014 02:54:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (05/20/2014 08:30:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2014 08:29:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/20/2014 08:29:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/20/2014 07:00:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2014 06:58:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/20/2014 06:58:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/19/2014 08:54:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2014 08:53:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/19/2014 08:53:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (05/19/2014 04:39:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 7369.05 MB
Available physical RAM: 5638.48 MB
Total Pagefile: 14736.27 MB
Available Pagefile: 12921.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:920.13 GB) (Free:840.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: EC7BDCE1)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)
==================== End Of Log ============================ Danke schon mal im Voraus.
LG
Martina |