abendstern63 | 28.05.2014 08:32 | Bei mir öffnen sich, aber keine Werbeseiten, vielleicht weil ich Adblock habe? Zitat:
Zitat von abendstern63
(Beitrag 1306464)
Hi ich habe es runtergeladen und scannen lassen. Mit dem Html code konnte ich nichts anfangen, daher habe ich es angehängt | Hallo Schrauber, hast du dir die FRST.text etc. anschauen können`? Zitat:
Zitat von abendstern63
(Beitrag 1306468)
Bei mir öffnen sich, aber keine Werbeseiten, vielleicht weil ich Adblock habe?
Ich glaube jetzt weiß ich wie es geht |
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by menekse (administrator) on MENEKSE-PC on 27-05-2014 11:18:05
Running from C:\Users\menekse\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-12-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\Run: [Google Update] => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-11] (Google Inc.)
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\RunOnce: [Uninstall C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\RunOnce: [Uninstall C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\RunOnce: [Uninstall C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2819111738-3698541298-223272285-1001\...\RunOnce: [Uninstall C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217_1\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\menekse\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217_1\amd64"
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP16866613-A6D1-4FEA-ADD7-7D6D88858D5E&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\menekse\AppData\Roaming\Mozilla\Firefox\Profiles\zvxn1znt.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\menekse\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\menekse\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\menekse\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\menekse\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\menekse\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\menekse\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\menekse\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: ImTranslator - C:\Users\menekse\AppData\Roaming\Mozilla\Firefox\Profiles\zvxn1znt.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2012-02-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-02-23]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\menekse\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\menekse\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\menekse\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll No File
CHR Extension: (Google Docs) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-15]
CHR Extension: (Google Drive) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-15]
CHR Extension: (YouTube) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-15]
CHR Extension: (HIFANA X W+K TOKYO LAB) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhjjmolopikkbigemoocmebohfpnmkj [2013-09-07]
CHR Extension: (Google-Suche) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-15]
CHR Extension: (Kingdoms Of Camelot) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadejngfdiifodimfhejphllfecigmm [2014-02-22]
CHR Extension: (Video Downloader professional) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-02-22]
CHR Extension: (Stupeflix Video Maker) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem [2013-11-02]
CHR Extension: (Picditor Photo Editor) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdplhaiiohpkafnlhlfikiomnboacoi [2013-11-02]
CHR Extension: (AdBlock) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-16]
CHR Extension: (Reise durch Mittelerde) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-02-22]
CHR Extension: (World of Solitaire) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2013-09-07]
CHR Extension: (Tom In Halloween) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\mieehkoieohafnghglmdhkjgidpelnpe [2014-02-22]
CHR Extension: (Spider Solitaire) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngheobgcnknahnindpcnhgciglkgihjb [2013-09-07]
CHR Extension: (Google Wallet) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\menekse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-15]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-15]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-08-15]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-08-15]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-12-09] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-21] (Avira Operations GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
U4 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-10-16] (GFI Software)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-27 11:18 - 2014-05-27 11:18 - 00021469 _____ () C:\Users\menekse\Downloads\FRST.txt
2014-05-27 11:17 - 2014-05-27 11:18 - 00000000 ____D () C:\FRST
2014-05-27 11:17 - 2014-05-27 11:17 - 02066944 _____ (Farbar) C:\Users\menekse\Downloads\FRST64.exe
2014-05-26 19:54 - 2014-05-27 10:18 - 325966144 _____ () C:\Users\menekse\Documents\norden 067.AVI
2014-05-24 22:46 - 2014-05-24 22:46 - 00011116 _____ () C:\Users\menekse\Desktop\hijackthis.log
2014-05-24 22:41 - 2014-05-24 22:41 - 00011116 _____ () C:\Users\menekse\Downloads\hijackthis.log
2014-05-24 22:35 - 2014-05-24 22:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\menekse\Downloads\HiJackThis204.exe
2014-05-24 15:52 - 2014-05-24 16:01 - 00000000 ____D () C:\Users\menekse\Documents\Überarbeitungen
2014-05-23 22:46 - 2014-05-23 22:46 - 12589848 _____ (Malwarebytes Corp.) C:\Users\menekse\Downloads\mbar-1.07.0.1009 (1).exe
2014-05-23 22:20 - 2014-05-23 22:20 - 00021839 _____ () C:\Users\menekse\Downloads\Korrekturtext Shahiqa und die Taube überarbeitet (1).odt
2014-05-23 22:19 - 2014-05-23 22:19 - 00022497 _____ () C:\Users\menekse\Downloads\die Yemenitin überarbeitet (1).odt
2014-05-23 13:23 - 2014-05-23 14:43 - 00026134 _____ () C:\Users\menekse\Downloads\Korrekturtext Shahiqa und die Taube überarbeitet.odt
2014-05-23 00:56 - 2014-05-24 20:19 - 00000000 ____D () C:\Users\menekse\Downloads\samara das mädchen aus jemen word970.doc.backups
2014-05-23 00:54 - 2014-05-24 20:19 - 00827165 _____ () C:\Users\menekse\Downloads\samara das mädchen aus jemen word970.doc.pap
2014-05-22 19:23 - 2014-05-27 00:59 - 00000000 ____D () C:\Users\menekse\Documents\Samia aus Yemen
2014-05-22 09:46 - 2014-05-25 21:08 - 00240732 _____ () C:\Users\menekse\Desktop\Die Verborgenen.pap
2014-05-22 09:46 - 2014-05-22 12:41 - 00000000 ____D () C:\Users\menekse\Desktop\Die Verborgenen Recherche
2014-05-21 18:00 - 2014-05-21 18:00 - 00085577 _____ () C:\Users\menekse\Desktop\Shahiqa und die weiße Taub.pap
2014-05-20 15:57 - 2014-05-27 09:46 - 00000672 _____ () C:\Windows\setupact.log
2014-05-20 15:57 - 2014-05-20 15:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 17:51 - 2014-05-19 17:51 - 00525587 _____ () C:\Users\menekse\Documents\Hundefotos2.odt
2014-05-15 22:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 22:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 22:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 22:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 22:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 22:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 09:48 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 09:48 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 09:48 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 09:48 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 09:47 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 09:47 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 09:47 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 09:47 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 09:47 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 09:47 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 09:47 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 09:47 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 09:47 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 09:47 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 09:47 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 09:47 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 09:47 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 09:47 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 09:47 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 09:47 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 09:47 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 09:47 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 09:47 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-11 22:49 - 2014-05-11 22:49 - 00000000 ____D () C:\Windows\de
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\sl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\pl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\nl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\it
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\hu
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\fr
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\es
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\en
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\el
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\da
2014-05-11 22:46 - 2014-05-11 22:46 - 00001269 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-11 22:46 - 2014-05-11 22:46 - 00000000 ____D () C:\Windows\tr
2014-05-10 21:02 - 2014-05-10 21:02 - 00000000 __SHD () C:\Users\menekse\AppData\Local\EmieUserList
2014-05-10 21:02 - 2014-05-10 21:02 - 00000000 __SHD () C:\Users\menekse\AppData\Local\EmieSiteList
2014-05-07 16:00 - 2014-05-07 16:00 - 00000000 ____D () C:\Users\menekse\Documents\Die Auserwählte
2014-05-07 15:30 - 2014-05-21 23:43 - 00163675 _____ () C:\Users\menekse\Desktop\Dies ist der Titel meines Romans.pap
2014-05-07 15:30 - 2014-05-21 21:10 - 00000000 ____D () C:\Users\menekse\Desktop\Dies ist der Titel meines Romans Recherche
2014-05-07 15:26 - 2014-05-25 21:08 - 00000000 ____D () C:\Users\menekse\Documents\Papyrus Backups
2014-05-07 15:01 - 2014-05-10 22:57 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Papyrus Autor
2014-05-07 15:01 - 2014-05-07 15:01 - 00001091 _____ () C:\Users\menekse\Desktop\Papyrus Autor Demo.lnk
2014-05-07 15:01 - 2014-05-07 15:01 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papyrus Autor Demo
2014-05-07 15:00 - 2014-05-07 15:01 - 00000000 ____D () C:\Program Files (x86)\Papyrus Autor Demo
2014-05-07 14:54 - 2014-05-07 14:58 - 223900107 _____ () C:\Users\menekse\Downloads\Papyrus Autor 7 Win Demo Install.exe
2014-05-07 13:57 - 2014-05-07 14:20 - 00003864 _____ () C:\Users\menekse\Documents\MyProject.bak
2014-05-07 13:48 - 2014-05-07 14:22 - 00003864 _____ () C:\Users\menekse\Documents\MyProject.yw5
2014-05-07 13:48 - 2014-05-07 14:17 - 00000000 ____D () C:\Users\menekse\Documents\Export
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\RTF5
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\Images
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\Autobackups
2014-05-07 13:45 - 2014-05-07 14:22 - 00000000 ____D () C:\Users\menekse\Documents\yWriter Projects
2014-05-07 13:39 - 2014-05-07 13:39 - 00000971 _____ () C:\Users\menekse\Desktop\yWriter5.lnk
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\Documents\yWriter5 Sample
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Spacejock Software
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Program Files (x86)\yWriter5
2014-05-07 13:38 - 2014-05-07 13:38 - 02046840 _____ (Spacejock Software ) C:\Users\menekse\Downloads\ywriter5full.exe
2014-05-06 23:48 - 2014-05-16 10:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 12:48 - 2014-05-06 12:48 - 00033223 _____ () C:\Users\menekse\Downloads\Renk_AG.doc.odt
2014-05-06 12:48 - 2014-05-06 12:48 - 00008632 _____ () C:\Users\menekse\Downloads\Lebenslauf_(2).odt
2014-05-06 12:28 - 2014-05-06 12:28 - 00008632 _____ () C:\Users\menekse\Desktop\Lebenslauf (2).odt
2014-05-06 12:14 - 2014-05-06 12:14 - 00033223 _____ () C:\Users\menekse\Desktop\Renk AG.doc.odt
2014-05-06 12:10 - 2014-05-06 12:10 - 00030917 _____ () C:\Users\menekse\Downloads\Funke alfeld (4).odt
==================== One Month Modified Files and Folders =======
2014-05-27 11:18 - 2014-05-27 11:18 - 00021469 _____ () C:\Users\menekse\Downloads\FRST.txt
2014-05-27 11:18 - 2014-05-27 11:17 - 00000000 ____D () C:\FRST
2014-05-27 11:17 - 2014-05-27 11:17 - 02066944 _____ (Farbar) C:\Users\menekse\Downloads\FRST64.exe
2014-05-27 11:04 - 2013-01-01 11:36 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Skype
2014-05-27 11:02 - 2013-06-30 11:17 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA.job
2014-05-27 10:59 - 2012-04-05 16:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 10:52 - 2012-09-04 18:38 - 01141248 ___SH () C:\Users\menekse\Documents\Thumbs.db
2014-05-27 10:50 - 2011-10-07 15:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 10:50 - 2011-10-07 15:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 10:25 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 10:25 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 10:18 - 2014-05-26 19:54 - 325966144 _____ () C:\Users\menekse\Documents\norden 067.AVI
2014-05-27 09:57 - 2012-03-04 18:04 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA.job
2014-05-27 09:51 - 2013-12-02 23:58 - 01243513 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 09:46 - 2014-05-20 15:57 - 00000672 _____ () C:\Windows\setupact.log
2014-05-27 09:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 01:00 - 2011-10-19 10:03 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\SoftGrid Client
2014-05-27 00:59 - 2014-05-22 19:23 - 00000000 ____D () C:\Users\menekse\Documents\Samia aus Yemen
2014-05-26 20:42 - 2011-10-29 13:58 - 00000000 ____D () C:\Users\menekse\Skripte 2
2014-05-26 20:40 - 2011-10-07 15:28 - 00000000 ____D () C:\Users\menekse
2014-05-26 20:38 - 2012-04-27 15:48 - 00000000 ____D () C:\Users\menekse\Documents\Kitaplarim
2014-05-26 20:37 - 2013-01-01 14:44 - 00000000 ____D () C:\Users\menekse\Documents\kitaplar aktuell
2014-05-26 18:00 - 2014-01-25 22:55 - 00560640 ___SH () C:\Users\menekse\Desktop\Thumbs.db
2014-05-26 18:00 - 2011-10-07 15:29 - 00058400 _____ () C:\Users\menekse\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-25 21:08 - 2014-05-22 09:46 - 00240732 _____ () C:\Users\menekse\Desktop\Die Verborgenen.pap
2014-05-25 21:08 - 2014-05-07 15:26 - 00000000 ____D () C:\Users\menekse\Documents\Papyrus Backups
2014-05-25 12:57 - 2012-03-04 18:04 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core.job
2014-05-25 12:02 - 2013-06-30 11:17 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core.job
2014-05-24 22:46 - 2014-05-24 22:46 - 00011116 _____ () C:\Users\menekse\Desktop\hijackthis.log
2014-05-24 22:41 - 2014-05-24 22:41 - 00011116 _____ () C:\Users\menekse\Downloads\hijackthis.log
2014-05-24 22:35 - 2014-05-24 22:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\menekse\Downloads\HiJackThis204.exe
2014-05-24 20:19 - 2014-05-23 00:56 - 00000000 ____D () C:\Users\menekse\Downloads\samara das mädchen aus jemen word970.doc.backups
2014-05-24 20:19 - 2014-05-23 00:54 - 00827165 _____ () C:\Users\menekse\Downloads\samara das mädchen aus jemen word970.doc.pap
2014-05-24 19:11 - 2012-09-06 13:51 - 06203392 ___SH () C:\Users\menekse\Downloads\Thumbs.db
2014-05-24 16:01 - 2014-05-24 15:52 - 00000000 ____D () C:\Users\menekse\Documents\Überarbeitungen
2014-05-23 23:04 - 2014-04-04 11:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-23 23:04 - 2014-04-04 11:32 - 00000000 ____D () C:\Users\menekse\Desktop\mbar
2014-05-23 22:47 - 2014-04-04 11:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-23 22:46 - 2014-05-23 22:46 - 12589848 _____ (Malwarebytes Corp.) C:\Users\menekse\Downloads\mbar-1.07.0.1009 (1).exe
2014-05-23 22:20 - 2014-05-23 22:20 - 00021839 _____ () C:\Users\menekse\Downloads\Korrekturtext Shahiqa und die Taube überarbeitet (1).odt
2014-05-23 22:19 - 2014-05-23 22:19 - 00022497 _____ () C:\Users\menekse\Downloads\die Yemenitin überarbeitet (1).odt
2014-05-23 14:43 - 2014-05-23 13:23 - 00026134 _____ () C:\Users\menekse\Downloads\Korrekturtext Shahiqa und die Taube überarbeitet.odt
2014-05-22 22:10 - 2011-10-07 15:24 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 12:41 - 2014-05-22 09:46 - 00000000 ____D () C:\Users\menekse\Desktop\Die Verborgenen Recherche
2014-05-21 23:43 - 2014-05-07 15:30 - 00163675 _____ () C:\Users\menekse\Desktop\Dies ist der Titel meines Romans.pap
2014-05-21 21:10 - 2014-05-07 15:30 - 00000000 ____D () C:\Users\menekse\Desktop\Dies ist der Titel meines Romans Recherche
2014-05-21 18:00 - 2014-05-21 18:00 - 00085577 _____ () C:\Users\menekse\Desktop\Shahiqa und die weiße Taub.pap
2014-05-21 16:20 - 2014-02-27 10:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-21 16:20 - 2013-01-01 11:36 - 00000000 ____D () C:\ProgramData\Skype
2014-05-21 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-21 14:02 - 2012-02-20 22:05 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Mozilla
2014-05-20 15:57 - 2014-05-20 15:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 17:51 - 2014-05-19 17:51 - 00525587 _____ () C:\Users\menekse\Documents\Hundefotos2.odt
2014-05-16 10:16 - 2011-10-07 15:29 - 00000000 ___RD () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 10:16 - 2011-10-07 15:29 - 00000000 ___RD () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 10:12 - 2014-05-06 23:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 22:46 - 2013-08-14 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 22:44 - 2010-12-02 10:51 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 22:37 - 2014-03-08 18:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-14 17:59 - 2012-04-05 16:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 17:59 - 2012-04-05 16:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 17:59 - 2011-10-07 17:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 19:25 - 2012-02-15 16:48 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Applian FLV and Media Player
2014-05-11 22:49 - 2014-05-11 22:49 - 00000000 ____D () C:\Windows\de
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\sl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\pl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\nl
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\it
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\hu
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\fr
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\es
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\en
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\el
2014-05-11 22:47 - 2014-05-11 22:47 - 00000000 ____D () C:\Windows\da
2014-05-11 22:47 - 2011-03-04 20:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-11 22:46 - 2014-05-11 22:46 - 00001269 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-11 22:46 - 2014-05-11 22:46 - 00000000 ____D () C:\Windows\tr
2014-05-11 22:46 - 2013-01-04 14:39 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-05-11 22:44 - 2014-03-20 12:55 - 00001454 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-05-11 22:41 - 2014-03-20 12:53 - 00002498 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-05-11 22:40 - 2011-03-04 20:02 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-11 22:40 - 2011-03-04 20:00 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-11 22:36 - 2014-03-02 23:10 - 00002206 _____ () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-05-10 22:57 - 2014-05-07 15:01 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Papyrus Autor
2014-05-10 21:02 - 2014-05-10 21:02 - 00000000 __SHD () C:\Users\menekse\AppData\Local\EmieUserList
2014-05-10 21:02 - 2014-05-10 21:02 - 00000000 __SHD () C:\Users\menekse\AppData\Local\EmieSiteList
2014-05-10 09:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 15:05 - 2013-05-25 11:58 - 00000000 ____D () C:\Users\menekse\Documents\Excel
2014-05-09 11:57 - 2013-06-30 11:17 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA
2014-05-09 11:57 - 2013-06-30 11:17 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core
2014-05-09 08:14 - 2014-05-15 09:48 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 09:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 10:45 - 2011-10-07 15:24 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 10:45 - 2011-10-07 15:24 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 16:00 - 2014-05-07 16:00 - 00000000 ____D () C:\Users\menekse\Documents\Die Auserwählte
2014-05-07 15:01 - 2014-05-07 15:01 - 00001091 _____ () C:\Users\menekse\Desktop\Papyrus Autor Demo.lnk
2014-05-07 15:01 - 2014-05-07 15:01 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papyrus Autor Demo
2014-05-07 15:01 - 2014-05-07 15:00 - 00000000 ____D () C:\Program Files (x86)\Papyrus Autor Demo
2014-05-07 14:58 - 2014-05-07 14:54 - 223900107 _____ () C:\Users\menekse\Downloads\Papyrus Autor 7 Win Demo Install.exe
2014-05-07 14:22 - 2014-05-07 13:48 - 00003864 _____ () C:\Users\menekse\Documents\MyProject.yw5
2014-05-07 14:22 - 2014-05-07 13:45 - 00000000 ____D () C:\Users\menekse\Documents\yWriter Projects
2014-05-07 14:20 - 2014-05-07 13:57 - 00003864 _____ () C:\Users\menekse\Documents\MyProject.bak
2014-05-07 14:17 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\Export
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\RTF5
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\Images
2014-05-07 13:48 - 2014-05-07 13:48 - 00000000 ____D () C:\Users\menekse\Documents\Autobackups
2014-05-07 13:39 - 2014-05-07 13:39 - 00000971 _____ () C:\Users\menekse\Desktop\yWriter5.lnk
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\Documents\yWriter5 Sample
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Spacejock Software
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Users\menekse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2014-05-07 13:39 - 2014-05-07 13:39 - 00000000 ____D () C:\Program Files (x86)\yWriter5
2014-05-07 13:38 - 2014-05-07 13:38 - 02046840 _____ (Spacejock Software ) C:\Users\menekse\Downloads\ywriter5full.exe
2014-05-06 12:48 - 2014-05-06 12:48 - 00033223 _____ () C:\Users\menekse\Downloads\Renk_AG.doc.odt
2014-05-06 12:48 - 2014-05-06 12:48 - 00008632 _____ () C:\Users\menekse\Downloads\Lebenslauf_(2).odt
2014-05-06 12:28 - 2014-05-06 12:28 - 00008632 _____ () C:\Users\menekse\Desktop\Lebenslauf (2).odt
2014-05-06 12:18 - 2013-04-29 11:57 - 00000000 ____D () C:\Users\menekse\Documents\Bewerbung und zeugnisse
2014-05-06 12:14 - 2014-05-06 12:14 - 00033223 _____ () C:\Users\menekse\Desktop\Renk AG.doc.odt
2014-05-06 12:10 - 2014-05-06 12:10 - 00030917 _____ () C:\Users\menekse\Downloads\Funke alfeld (4).odt
2014-05-06 10:58 - 2012-05-20 18:23 - 00000000 ____D () C:\Users\menekse\Documents\Ibo Bewerbungen 2012 dıe hoffnung
2014-05-06 06:40 - 2014-05-15 22:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 22:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 22:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 22:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-02 18:08 - 2010-11-25 18:28 - 00710970 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 18:08 - 2010-11-25 18:28 - 00155042 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 18:08 - 2009-07-14 07:13 - 01653310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 19:33 - 2013-03-07 20:52 - 00000000 ____D () C:\Users\menekse\Documents\Havas_Gizli_ilimler_hazinesi_1_Kitap
Some content of TEMP:
====================
C:\Users\menekse\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-21 15:45
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- --- Zitat:
Zitat von abendstern63
(Beitrag 1306464)
Hi ich habe es runtergeladen und scannen lassen. Mit dem Html code konnte ich nichts anfangen, daher habe ich es angehängt | Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by menekse at 2014-05-27 11:18:54
Running from C:\Users\menekse\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
AMD Fuel (Version: 2010.1208.2156.39317 - AMD) Hidden
Any Video Converter 5 5.0.4 (HKLM-x32\...\Any Video Converter 5_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
ATI Catalyst Install Manager (HKLM\...\{6D03AFB5-FED5-B9C4-0795-A6910BF41AF3}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1208.2156.39317 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1208.2156.39317 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help English (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help French (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help German (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.1208.2155.39317 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1208.2156.39317 - ATI) Hidden
ccc-utility64 (Version: 2010.1208.2156.39317 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Converter version 0.1 (HKLM-x32\...\Converter_is1) (Version: 0.1 - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.28 - DivX, LLC)
DramaQueen (HKLM-x32\...\DramaQueen) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ICQ 8.1 (build 6337) (HKCU\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.4.2824.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.4.2824.0 - MPC-HC Team)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B0-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Ekran İpucu Dili 2010 - Türkçe (HKLM-x32\...\{90140000-00BD-041F-0000-0000000FF1CE}) (Version: 14.0.4763.1013 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miranda IM 0.10.13 (HKLM-x32\...\Miranda IM) (Version: 0.10.13 - Miranda IM Project)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Papyrus Autor Demo -- from R.O.M. logicware GmbH (HKLM-x32\...\Papyrus Autor Demo) (Version: - R.O.M. logicware GmbH)
PDF Creator (HKLM\...\PDF Creator) (Version: - )
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6285 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tango (HKCU\...\Tango) (Version: 1.6.14117 - TangoMe, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Restore Points =========================
22-04-2014 19:34:02 Windows Update
29-04-2014 08:05:16 Windows Update
02-05-2014 08:28:41 Windows Update
03-05-2014 21:25:25 Windows Update
06-05-2014 21:47:48 Windows Update
11-05-2014 20:33:12 Windows Live Essentials
11-05-2014 20:36:29 DirectX wurde installiert
11-05-2014 20:37:34 DirectX wurde installiert
11-05-2014 20:38:41 DirectX wurde installiert
11-05-2014 20:39:46 WLSetup
13-05-2014 06:48:54 Windows Update
15-05-2014 20:41:57 Windows Update
21-05-2014 09:53:19 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0B955395-0337-4142-9061-B07C089F40E3} - \QtraxPlayer No Task File <==== ATTENTION
Task: {137795EA-3D63-43A5-B9D5-DD6504BBA936} - System32\Tasks\{257A6D31-4D05-4B57-9CFA-C70B5A7D78AB} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {31E3A01A-A96A-48BD-B25C-69D35BC629E3} - System32\Tasks\{CCFA15E6-5B26-490A-ABF1-7291611AD4C9} => C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe
Task: {35A59EBF-E2B1-457B-8D4F-0E50B14C25E0} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {436459DA-3BE0-4A1E-B640-808906D8E53D} - System32\Tasks\{6D6BFDAA-1101-4947-890A-B0EB3F3C37AB} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {499FAA8B-97B4-4E0C-AC03-C1689279E9A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-07] (Google Inc.)
Task: {4D806133-0647-40B6-A784-6C8EA6455197} - \MySearchDial No Task File <==== ATTENTION
Task: {5BA5F480-CEDB-4892-B223-C0A9454B14F4} - System32\Tasks\Google Updater and Installer => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-11] (Google Inc.)
Task: {5F2370F2-1834-4385-8854-39A4EA978398} - System32\Tasks\{AD6A4823-7EFD-4B77-9229-B4CD0275A2CC} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {63A4FF66-9128-4D42-8D2B-5A35A805FF67} - System32\Tasks\SpottyFiles Update => C:\Program Files (x86)\SpottyFiles\SpottyFilesUpdater.exe
Task: {66A9BC10-BCB1-4174-B68F-E2A5D2A18304} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6919168E-0D08-45E1-B4FC-774D2C6FB00A} - System32\Tasks\{35B7D53A-DA89-4F82-9251-F230D7214974} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {76215E12-E550-41AC-8D10-FE7114007490} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7A08D0DC-C40E-4BC1-9BC3-09E20FB05E52} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA => C:\Users\menekse\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-14] (Facebook Inc.)
Task: {80344E80-3F26-480B-95B1-FCD565923741} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {83290B00-1E53-495A-8821-1ECF72D8A9A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-07] (Google Inc.)
Task: {8364EED9-B208-4A8E-AB81-10DD9AC7E281} - \DSite No Task File <==== ATTENTION
Task: {905F70AE-AF88-4BD3-89A8-3CD2F2A1F609} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95860372-42B9-4A34-BF9A-419ED8EB1483} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-11] (Google Inc.)
Task: {9AAD7A42-E483-4414-81A1-EC6EEA47F247} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {9BFAF17E-F2C7-424D-BA50-B7C7F68939BA} - System32\Tasks\{BE2E2F08-B781-404B-9419-1215FD9530C9} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {9C65DB9A-3A0C-4C85-8E8C-249452C3321D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {AC6CE951-6475-492D-B0A5-AA17B440C1D6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B7561484-1CC5-476C-B914-0D4C4D8844D2} - System32\Tasks\{3C6B63FF-8666-4B71-B995-15C86088C9E6} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {C134134E-3668-4DD3-8AEB-24885002B069} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core => C:\Users\menekse\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-14] (Facebook Inc.)
Task: {C19FAC76-327D-40D4-8021-52E5F6634A1C} - System32\Tasks\{01F73B53-6E31-458B-ADD9-DB2C57FFCCF1} => Chrome.exe hxxp://ui.skype.com/ui/0/6.1.73.129.456/de/go/help.faq.installer?LastError=1618
Task: {D2FA5404-6F66-43CD-B50C-8C155A26F428} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: {D39F96CC-986F-4180-9308-A22EE041027C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9CCB7B1-59F4-41B6-9B9C-481F1BDF9F6B} - System32\Tasks\{4448E63E-DA4D-46B2-B4CF-41528A6CF662} => C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\lotrbfme.exe
Task: {E4E88863-8D7E-4AD6-BDCF-CCADD2A44A31} - \DealPly No Task File <==== ATTENTION
Task: {E8A14152-A453-4039-BE5D-B2DA44B85223} - System32\Tasks\{E811C0A5-D462-481E-832F-EB1FFF535CFE} => C:\Program Files (x86)\Real\RealPlayer\realplay.exe
Task: {EB1AA34F-4669-4705-AB1D-AFD13F37E19D} - \Ad-Aware Antivirus Scheduled Scan No Task File <==== ATTENTION
Task: {F31EDF00-47F2-435F-9F05-5B00E4638995} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-11] (Google Inc.)
Task: {F364197E-6A97-436E-BB1E-DEFE8C34F2E9} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {FD9BD585-976C-4606-B1A0-52B18F67E5ED} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2819111738-3698541298-223272285-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core.job => C:\Users\menekse\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA.job => C:\Users\menekse\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001Core.job => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819111738-3698541298-223272285-1001UA.job => C:\Users\menekse\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-09-11 18:58 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2010-12-09 08:07 - 2010-12-09 08:07 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2010-12-09 08:07 - 2010-12-09 08:07 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2010-12-09 08:08 - 2010-12-09 08:08 - 00102912 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-12-09 07:54 - 2010-12-09 07:54 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-11 22:53 - 2013-10-10 20:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-22 22:10 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TU => "C:\Users\menekse\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 178762
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 178762
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 177763
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 177763
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 176765
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 176765
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 175767
System errors:
=============
Error: (05/27/2014 09:46:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (05/27/2014 09:45:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/26/2014 04:10:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (05/26/2014 04:10:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/26/2014 10:46:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (05/26/2014 10:45:31 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/25/2014 10:10:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (05/25/2014 10:09:21 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/24/2014 11:26:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (05/24/2014 09:48:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Microsoft Office Sessions:
=========================
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 178762
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 178762
Error: (05/26/2014 09:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 177763
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 177763
Error: (05/26/2014 09:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 176765
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 176765
Error: (05/26/2014 09:32:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/26/2014 09:32:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 175767
==================== Memory info ===========================
Percentage of memory in use: 58%
Total physical RAM: 4095.29 MB
Available physical RAM: 1695.46 MB
Total Pagefile: 8188.76 MB
Available Pagefile: 5183.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1366.17 GB) (Free:1284.87 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:9.71 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: FD9C4746)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-732114714624) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================ |