Katrin Reß | 11.09.2014 11:10 | So, erstmal die FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
Ran by Windows 7 (administrator) on WINDOWS7-PC on 11-09-2014 11:32:40
Running from D:\Draft
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Zhorn Software) C:\Program Files\Stickies\fff.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Farbar) D:\Draft\FRST(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2494939295-118947492-3605075000-1001\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-2494939295-118947492-3605075000-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
Startup: C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files\Stickies\fff.exe (Zhorn Software)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * RwcLkRen C:\Windows\system32\RwcLkCfgsdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3742AD29B85CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=prc265
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=prc265
SearchScopes: HKLM - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {F3D27D94-9B5A-464E-98D7-BF88A0D63F86} URL = hxxp://www.google.de/search?q={searchTerms}
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\ntdstz4m.default-1408919380087
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\discogs.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\soundcloud.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\urban-dictionary.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\youtube-videosuche.xml
FF Extension: Classic Theme Restorer - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\ntdstz4m.default-1408919380087\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-25]
FF Extension: QuickNote - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\ntdstz4m.default-1408919380087\Extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}.xpi [2014-08-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-26]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-10-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR CustomProfile: C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (__MSG_appName__) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\beahobhgpojnjfdjglaehfhdanaioode [2014-03-22]
CHR Extension: (YouTube) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-12]
CHR Extension: (Google Search) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-12]
CHR Extension: (SaveByclick) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkjmpobpbjjjfajbalampbnjmbnefki [2013-01-22]
CHR Extension: (Gmail) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-18]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-18] (AVAST Software)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2304912 2011-07-06] (WIBU-SYSTEMS AG)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-18] ()
R3 FETND6V; C:\Windows\System32\DRIVERS\fetnd6v.sys [43520 2008-09-22] (VIA Technologies, Inc. )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [46680 2011-07-07] (Focusrite Audio Engineering Limited.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93304 2011-06-28] (PACE Anti-Piracy, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\WINDOW~1\AppData\Local\Temp\catchme.sys [X]
S3 cleanhlp; \??\C:\EEK\Run\cleanhlp32.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x86\Sandra.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 09:29 - 2014-09-11 09:29 - 318922021 _____ () C:\Windows\MEMORY.DMP
2014-09-11 09:29 - 2014-09-11 09:29 - 00153728 _____ () C:\Windows\Minidump\091114-40607-01.dmp
2014-09-11 09:09 - 2014-09-11 09:09 - 00000352 _____ () C:\Windows\PFRO.log
2014-09-11 00:47 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-09-11 00:47 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-09-11 00:35 - 2014-09-11 11:32 - 00000000 ____D () C:\FRST
2014-09-11 00:26 - 2014-09-11 00:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-09-11 00:26 - 2012-04-04 12:26 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2014-09-11 00:26 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-11 00:26 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-11 00:23 - 2013-02-28 13:19 - 20541216 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 08950048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-11 00:23 - 2013-02-28 13:19 - 07959000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 06271872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 02730784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 01995552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 01012512 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3231414.dll
2014-09-11 00:23 - 2013-02-28 13:19 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3231414.dll
2014-09-11 00:21 - 2014-09-11 11:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 00:21 - 2014-09-11 00:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-11 00:21 - 2014-09-11 00:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-11 00:16 - 2014-09-11 11:03 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 00:16 - 2014-09-11 00:16 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 00:16 - 2014-09-11 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 00:16 - 2014-09-11 00:16 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-11 00:16 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-11 00:16 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 00:16 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 23:54 - 2014-09-11 00:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-10 23:54 - 2014-09-11 00:00 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-10 23:54 - 2014-09-10 23:54 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-10 23:54 - 2014-09-10 23:54 - 00002090 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-10 23:54 - 2014-09-10 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-10 23:54 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-09-10 14:40 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 14:40 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 14:40 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 14:40 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 14:40 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 14:40 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 14:40 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 14:40 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 14:40 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-10 14:40 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 14:40 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 14:40 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-10 14:40 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-10 14:39 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 13:33 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 13:33 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 13:33 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 13:33 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 12:45 - 2014-09-10 12:45 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Cycling '74
2014-09-10 12:32 - 2014-09-10 12:35 - 00000000 ____D () C:\Users\TEMP
2014-09-10 12:21 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 12:08 - 2014-09-10 12:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-09 19:56 - 2014-09-09 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-09 15:57 - 2014-09-10 12:06 - 00000000 ____D () C:\NVIDIA
2014-09-09 15:27 - 2014-09-09 15:27 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\EasySettingBox
2014-09-09 15:26 - 2014-09-09 19:56 - 00000000 ____D () C:\Program Files\Samsung
2014-09-09 15:24 - 2014-09-10 13:22 - 00000000 ____D () C:\Program Files\MonitorDriver
2014-09-09 15:24 - 2014-09-09 15:24 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\InstallShield
2014-09-03 10:32 - 2014-09-11 09:29 - 00000840 _____ () C:\Windows\setupact.log
2014-09-03 10:32 - 2014-09-03 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-02 13:10 - 2014-09-02 13:10 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\OpenOffice
2014-09-02 13:09 - 2014-09-02 13:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-02 13:09 - 2014-09-02 13:09 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-08-30 21:20 - 2014-08-30 21:20 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-30 21:20 - 2014-08-30 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-28 10:49 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:49 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 02:34 - 2014-08-18 02:34 - 00000000 ____D () C:\Users\Windows 7\Documents\OFX Presets
2014-08-13 19:06 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 19:06 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 19:06 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 19:06 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 12:38 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(100).dll
2014-08-13 12:38 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet(102).dll
2014-08-13 12:38 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(91).dll
2014-08-13 12:38 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled(96).dll
2014-08-13 12:38 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 12:38 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 12:38 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 12:38 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 12:38 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 12:38 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 12:38 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 12:38 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale(93).nls
2014-08-13 12:38 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 12:38 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 12:38 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 12:38 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 12:38 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 12:38 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 12:38 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 12:38 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 11:32 - 2014-09-11 00:35 - 00000000 ____D () C:\FRST
2014-09-11 11:11 - 2014-09-11 00:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 11:03 - 2014-09-11 00:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 09:37 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 09:37 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 09:29 - 2014-09-11 09:29 - 318922021 _____ () C:\Windows\MEMORY.DMP
2014-09-11 09:29 - 2014-09-11 09:29 - 00153728 _____ () C:\Windows\Minidump\091114-40607-01.dmp
2014-09-11 09:29 - 2014-09-03 10:32 - 00000840 _____ () C:\Windows\setupact.log
2014-09-11 09:29 - 2011-12-02 00:15 - 00000000 ____D () C:\Windows\Minidump
2014-09-11 09:29 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 09:14 - 2014-07-06 10:33 - 01799850 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 09:11 - 2011-11-29 22:50 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\stickies
2014-09-11 09:09 - 2014-09-11 09:09 - 00000352 _____ () C:\Windows\PFRO.log
2014-09-11 00:45 - 2014-02-05 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-11 00:26 - 2014-09-11 00:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-09-11 00:26 - 2011-10-07 18:10 - 00000000 ____D () C:\Temp
2014-09-11 00:25 - 2011-10-07 16:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-11 00:21 - 2014-09-11 00:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-11 00:21 - 2014-09-11 00:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-11 00:21 - 2011-10-10 11:19 - 00000000 ____D () C:\Users\Windows 7\AppData\Local\Adobe
2014-09-11 00:16 - 2014-09-11 00:16 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 00:16 - 2014-09-11 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 00:16 - 2014-09-11 00:16 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-11 00:13 - 2011-12-18 13:52 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Malwarebytes
2014-09-11 00:13 - 2011-12-18 13:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 00:04 - 2014-09-10 23:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-11 00:00 - 2014-09-10 23:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-10 23:57 - 2012-01-30 14:05 - 00000000 ____D () C:\Users\Windows
2014-09-10 23:54 - 2014-09-10 23:54 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-10 23:54 - 2014-09-10 23:54 - 00002090 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-10 23:54 - 2014-09-10 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-10 16:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 15:17 - 2013-11-27 13:27 - 02392648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-10 15:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-10 14:39 - 2013-08-14 19:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 14:36 - 2011-10-07 16:23 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 14:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-10 13:30 - 2011-10-07 15:33 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 13:23 - 2011-10-07 15:31 - 00000000 ____D () C:\Users\Windows 7
2014-09-10 13:22 - 2014-09-09 15:24 - 00000000 ____D () C:\Program Files\MonitorDriver
2014-09-10 13:22 - 2013-11-14 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-10 13:22 - 2012-11-17 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-10 13:22 - 2012-02-16 12:36 - 00000000 ____D () C:\Users\Windows\AppData\Roaming\Winamp
2014-09-10 13:22 - 2012-01-30 14:07 - 00000000 ____D () C:\Users\Windows\AppData\Roaming\Mozilla
2014-09-10 13:22 - 2012-01-30 14:05 - 00000000 ___RD () C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-10 13:22 - 2012-01-30 14:05 - 00000000 ___RD () C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-10 13:22 - 2011-11-30 19:19 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\vlc
2014-09-10 13:22 - 2011-10-07 16:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-10 13:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-09-10 13:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-09-10 13:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-09-10 13:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-10 13:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-09-10 12:45 - 2014-09-10 12:45 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Cycling '74
2014-09-10 12:35 - 2014-09-10 12:32 - 00000000 ____D () C:\Users\TEMP
2014-09-10 12:08 - 2014-09-10 12:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-10 12:06 - 2014-09-09 15:57 - 00000000 ____D () C:\NVIDIA
2014-09-09 19:56 - 2014-09-09 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-09 19:56 - 2014-09-09 15:26 - 00000000 ____D () C:\Program Files\Samsung
2014-09-09 15:27 - 2014-09-09 15:27 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\EasySettingBox
2014-09-09 15:24 - 2014-09-09 15:24 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\InstallShield
2014-09-06 01:14 - 2012-11-04 15:35 - 00001456 _____ () C:\Users\Windows 7\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-09-06 00:50 - 2013-11-28 00:27 - 00134280 _____ () C:\Users\Windows 7\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 10:32 - 2014-09-03 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-02 13:10 - 2014-09-02 13:10 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\OpenOffice
2014-09-02 13:09 - 2014-09-02 13:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-02 13:09 - 2014-09-02 13:09 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-08-31 10:33 - 2013-03-24 19:49 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Media Player Classic
2014-08-30 21:20 - 2014-08-30 21:20 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-30 21:20 - 2014-08-30 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-30 21:20 - 2011-12-01 02:28 - 00000936 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 21:20 - 2011-12-01 02:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-30 21:20 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-30 21:13 - 2012-02-21 11:15 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-08-23 03:46 - 2014-08-28 10:49 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-08-28 10:49 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 20:52 - 2014-05-31 13:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-18 14:21 - 2011-11-22 23:16 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-08-18 02:34 - 2014-08-18 02:34 - 00000000 ____D () C:\Users\Windows 7\Documents\OFX Presets
2014-08-15 16:51 - 2014-09-10 14:40 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 16:42 - 2014-09-10 14:40 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 16:42 - 2014-09-10 14:40 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 16:37 - 2014-09-10 14:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 16:37 - 2014-09-10 14:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 16:36 - 2014-09-10 14:40 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 16:35 - 2014-09-10 14:40 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 16:35 - 2014-09-10 14:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 16:35 - 2014-09-10 14:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-15 16:34 - 2014-09-10 14:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 16:34 - 2014-09-10 14:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 16:34 - 2014-09-10 14:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-15 16:34 - 2014-09-10 14:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-15 16:34 - 2014-09-10 12:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Windows 7\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Windows 7\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Windows 7\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Windows 7\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 22:35
==================== End Of Log ============================ --- --- ---
Die Addition.TXT:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-09-2014
Ran by Windows 7 at 2014-09-11 00:36:32
Running from D:\Draft
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Focusrite USB 2.0 Audio Driver 2.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.1 - Focusrite Audio Engineering Limited.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Google Update Helper (Version: 1.3.21.111 - Google Inc.) Hidden
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (Version: 2.8.05.13 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Codec Pack 9.8.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LightScribe System Software (HKLM\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM\...\{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}) (Version: 1.18.27.10 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 32.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mp3tag v2.58 (HKLM\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MPK mini Editor (HKLM\...\MPKminiEditor) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 314.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.14 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.14 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Systemsteuerung 314.14 (Version: 314.14 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - )
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Stickies 7.1b (HKLM\...\ZhornStickies) (Version: - Zhorn Software)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VIA Rhine Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version: - )
Visual C++ Redistributables (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Focusrite USB 2.0 Audio Driver (07/07/2011 15.32.4.883) (HKLM\...\F4B837225347AABC4F4DB6067C4D5642AF04B34C) (Version: 07/07/2011 15.32.4.883 - Focusrite)
WinRAR 5.10 beta 4 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2494939295-118947492-3605075000-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Windows 7\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2494939295-118947492-3605075000-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Windows 7\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
==================== Restore Points =========================
10-09-2014 10:08:15 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
10-09-2014 10:13:57 Windows Update
10-09-2014 10:59:06 Windows Modules Installer
10-09-2014 11:07:28 Wiederherstellungsvorgang
10-09-2014 11:14:37 avast! antivirus system restore point
10-09-2014 11:17:20 Wiederherstellungsvorgang
10-09-2014 11:24:02 avast! antivirus system restore point
10-09-2014 11:27:29 Windows Update
10-09-2014 12:34:07 Windows Update
10-09-2014 22:24:06 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
10-09-2014 22:26:12 Gerätetreiber-Paketinstallation: NVIDIA USB-Controller
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2012-12-26 15:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {060BD9B5-EDB4-49E1-A189-A5DF677CDE7E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {19E79338-F4AD-41C2-8CD0-EDB80231CBB1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18] (AVAST Software)
Task: {2340D933-5E19-45C4-BA4F-6ED38831B4DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {3D11A371-64FC-4B4B-B0C4-CAA326C2641B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {47BC44E3-4D76-4CE7-8939-E3CA4175353A} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {49861C4B-CF9C-4DF3-833A-F96FB68FDD23} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {5F76BEDF-1CAF-4BE8-B091-2C2CC0985D97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {699A0C1D-087C-4900-A16E-5F699EA14348} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {727348A4-7DAD-4F61-8E3C-ED89812A31C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {82FCD426-64C0-464A-85BE-2C3F75A9D7E7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B50B2103-21DA-4D3B-9FFC-F9C16E366E62} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D7703829-829A-49F9-9C74-FC1A8E9C2E0F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {DBEF833E-BB5A-4309-9292-A5D90B242DBF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {E621AB1C-37FE-481B-AD7F-5C629EAFBC8B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-07-18 12:07 - 2014-07-18 12:07 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-10 13:25 - 2014-09-10 13:25 - 02847744 _____ () C:\Program Files\AVAST Software\Avast\defs\14091000\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-10 23:54 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-10 23:54 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-18 12:07 - 2014-07-18 12:07 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-01-16 12:58 - 2013-01-16 12:58 - 02408448 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2013-01-16 12:58 - 2013-01-16 12:58 - 08626176 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2013-01-16 12:58 - 2013-01-16 12:58 - 00212992 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-05-31 13:36 - 2014-07-30 12:50 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-02-01 05:48 - 2012-02-01 05:48 - 00049064 _____ () C:\Program Files\Common Files\DFX\Dlls\dfxShared32.dll
2011-11-22 23:16 - 2014-08-18 14:20 - 03236464 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2011-11-22 23:16 - 2014-08-18 14:20 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2011-11-22 23:16 - 2014-08-18 14:20 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-11-21 12:42 - 2012-11-21 07:26 - 00008704 _____ () C:\Users\Windows 7\AppData\Roaming\Thunderbird\Profiles\mvtlvz3d.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2014-09-10 23:54 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-10 23:54 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-10 23:54 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-21 19:49 - 2014-08-21 19:49 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-10-30 15:27 - 2013-02-28 10:36 - 00078624 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Microsoft:FDUDNXZGOnVo2KkJszdkQL
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Digital Still Camera
Description: Digital Still Camera
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: (Standardmäßige MTP-unterstützte Geräte)
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (09/11/2014 00:26:55 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Produkt: NVIDIA PhysX -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:24:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x13b0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (09/11/2014 00:23:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x4b0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (09/11/2014 00:23:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1304
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (09/11/2014 00:22:20 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Produkt: Java 8 Update 20 -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:20:19 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Product: Adobe AIR -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:20:06 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Product: Adobe AIR -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:16:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x17dc
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (09/11/2014 00:16:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1578
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (09/11/2014 00:15:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xf44
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
System errors:
=============
Error: (09/10/2014 11:55:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/10/2014 11:55:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (09/10/2014 03:19:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/10/2014 03:19:06 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (09/10/2014 01:26:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/10/2014 01:26:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (09/10/2014 01:16:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/10/2014 01:16:37 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (09/10/2014 11:24:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/10/2014 11:24:26 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (09/11/2014 00:26:55 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Produkt: NVIDIA PhysX -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:24:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd13b001cfcd45e57ca3cfC:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll2e3aacdf-3939-11e4-b7e7-001e90b7e486
Error: (09/11/2014 00:23:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd4b001cfcd45d94ea16fC:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll1cb46691-3939-11e4-b7e7-001e90b7e486
Error: (09/11/2014 00:23:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd130401cfcd45c232c87fC:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll05c3cdee-3939-11e4-b7e7-001e90b7e486
Error: (09/11/2014 00:22:20 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Produkt: Java 8 Update 20 -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:20:19 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Product: Adobe AIR -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:20:06 AM) (Source: MsiInstaller) (EventID: 10011) (User: Windows7-PC)
Description: Product: Adobe AIR -- Schlüssel ist im angegebenen Status nicht gültig.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/11/2014 00:16:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd17dc01cfcd44e9b778f2C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll2be0c4cf-3938-11e4-b7e7-001e90b7e486
Error: (09/11/2014 00:16:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd157801cfcd44dd83319aC:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll1f6c93b5-3938-11e4-b7e7-001e90b7e486
Error: (09/11/2014 00:15:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf4401cfcd44ae905498C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dllf0a5ca8b-3937-11e4-b7e7-001e90b7e486
CodeIntegrity Errors:
===================================
Date: 2012-12-14 00:13:54.314
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-14 00:13:25.051
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-05 22:54:03.345
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-05 22:54:01.820
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-06 12:32:46.504
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-06 12:28:53.775
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-04 12:48:20.727
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 23:04:12.661
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 23:02:45.862
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-20 21:25:13.728
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 3326.24 MB
Available physical RAM: 1408.22 MB
Total Pagefile: 9974.96 MB
Available Pagefile: 7684.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.56 MB
==================== Drives ================================
Drive c: (FestplatteC) (Fixed) (Total:232.79 GB) (Free:48.88 GB) NTFS
Drive d: (GRUFT) (Fixed) (Total:149.05 GB) (Free:45.23 GB) NTFS
Drive f: (User Manual) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 000982CB)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F44BF44B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- --- |