KuraikoSayo | 15.09.2014 23:00 | Hi Jürgen,
danke für deine schnelle Antwort ^^
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Laura (administrator) on LAURA-PC on 15-09-2014 23:48:35
Running from C:\Users\Laura\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Farbar) C:\Users\Laura\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {17245d97-ec9d-11df-afd5-806e6f6e6963} - E:\Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410563098&from=cor&uid=TOSHIBAXMK2565GSX_80D4P0GZTXX80D4P0GZT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410563098&from=cor&uid=TOSHIBAXMK2565GSX_80D4P0GZTXX80D4P0GZT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410563098&from=cor&uid=TOSHIBAXMK2565GSX_80D4P0GZTXX80D4P0GZT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410563098&from=cor&uid=TOSHIBAXMK2565GSX_80D4P0GZTXX80D4P0GZT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1410563098&from=cor&uid=TOSHIBAXMK2565GSX_80D4P0GZTXX80D4P0GZT
SearchScopes: HKLM - {BC462635-0667-4F7A-86BA-23B15354201F} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {BC462635-0667-4F7A-86BA-23B15354201F} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\ulh5llgu.default
FF SearchEngineOrder.1: Websuche
FF Homepage: hxxp://proxer.me/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\ulh5llgu.default\user.js
FF SearchPlugin: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\ulh5llgu.default\searchplugins\search_engine_trovi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\ulh5llgu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-12]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-12] (AVAST Software)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-13] (Cherished Technololgy LIMITED)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-13] (Fuyu LIMITED) [File not signed]
S2 Update SmarterPower; "C:\Program Files (x86)\SmarterPower\updateSmarterPower.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-12] ()
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-11-10] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [61080 2014-09-12] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 23:47 - 2014-09-15 23:48 - 00012272 _____ () C:\Users\Laura\Downloads\FRST.txt
2014-09-15 23:45 - 2014-09-15 23:45 - 00001150 _____ () C:\Users\Laura\Desktop\Addition - Verknüpfung.lnk
2014-09-15 23:45 - 2014-09-15 23:45 - 00001110 _____ () C:\Users\Laura\Desktop\FRST - Verknüpfung.lnk
2014-09-15 23:14 - 2014-09-15 23:15 - 02105856 _____ (Farbar) C:\Users\Laura\Downloads\FRST64(1).exe
2014-09-15 23:11 - 2014-09-15 23:12 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Mp3tag
2014-09-15 22:32 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-09-15 22:32 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-09-15 22:32 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-09-15 22:32 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-09-15 21:20 - 2014-09-15 21:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\LolClient
2014-09-15 20:56 - 2014-09-15 22:40 - 00000146 _____ () C:\Windows\setupact.log
2014-09-15 20:56 - 2014-09-15 20:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-15 19:31 - 2014-09-15 23:48 - 00000000 ____D () C:\FRST
2014-09-15 19:21 - 2014-09-15 19:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 19:21 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-15 17:21 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-15 17:21 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 17:21 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-15 17:21 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-15 17:21 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-13 15:24 - 2014-09-13 15:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 15:18 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-13 15:17 - 2014-09-13 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-13 15:15 - 2014-09-13 15:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-13 15:15 - 2014-09-13 15:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-13 10:42 - 2014-09-13 10:42 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Macromedia
2014-09-13 09:35 - 2014-09-13 09:35 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-13 09:26 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-09-13 09:26 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-09-13 09:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-09-13 09:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-09-13 09:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-09-13 09:25 - 2014-09-15 22:04 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-09-13 09:23 - 2014-09-15 21:43 - 00000000 ____D () C:\Users\Laura\AppData\Local\PMB Files
2014-09-13 09:23 - 2014-09-13 09:40 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-13 09:23 - 2014-09-13 09:23 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-09-13 09:21 - 2014-09-13 09:22 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Riot Games
2014-09-13 09:04 - 2014-09-15 17:22 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-09-13 01:50 - 2014-09-13 01:50 - 00000000 ____D () C:\ProgramData\EA Core
2014-09-13 01:44 - 2014-09-15 18:25 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\SoftGrid Client
2014-09-13 01:44 - 2014-09-13 01:44 - 00000000 ____D () C:\Users\Laura\AppData\Local\SoftGrid Client
2014-09-13 01:43 - 2014-09-13 15:22 - 03131248 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 01:43 - 2014-09-13 01:44 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TP
2014-09-13 01:43 - 2014-09-13 01:43 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-13 01:32 - 2014-09-15 17:53 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-13 01:32 - 2014-09-15 17:52 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Origin
2014-09-13 01:32 - 2014-09-15 17:52 - 00000000 ____D () C:\Users\Laura\AppData\Local\Origin
2014-09-13 01:32 - 2014-09-13 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-13 01:31 - 2014-09-15 18:26 - 00000000 ____D () C:\ProgramData\Origin
2014-09-13 01:31 - 2014-09-15 17:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-13 01:27 - 2014-09-13 01:31 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-13 01:07 - 2014-09-12 04:40 - 00061080 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
2014-09-13 01:05 - 2014-09-15 19:25 - 00003302 _____ () C:\Windows\System32\Tasks\ASP
2014-09-13 01:05 - 2014-09-13 01:18 - 00000000 ____D () C:\Program Files (x86)\SmarterPower
2014-09-13 01:05 - 2014-09-13 01:05 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 01:05 - 2014-09-13 01:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-13 01:04 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Systweak
2014-09-13 01:04 - 2014-08-05 19:14 - 00020328 _____ () C:\Windows\system32\roboot64.exe
2014-09-13 00:54 - 2014-09-13 00:55 - 00001053 _____ () C:\Users\Laura\Desktop\CCleaner.lnk
2014-09-13 00:53 - 2014-09-13 00:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-09-13 00:53 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-09-13 00:53 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-09-13 00:49 - 2014-09-13 00:49 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\OpenOffice
2014-09-13 00:45 - 2014-09-13 00:45 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 00:44 - 2014-09-13 00:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-13 00:41 - 2014-09-13 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-13 00:23 - 2014-09-13 00:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-13 00:21 - 2014-09-15 18:24 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-13 00:09 - 2014-09-13 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-09-13 00:09 - 2013-04-05 21:27 - 02231296 _____ () C:\Windows\system32\ac3filter64.acm
2014-09-13 00:04 - 2014-09-13 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-12 23:28 - 2014-09-13 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 23:28 - 2014-09-12 23:28 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 23:20 - 2014-09-13 01:06 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-12 23:20 - 2014-09-12 23:21 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Mozilla
2014-09-12 23:20 - 2014-09-12 23:21 - 00000000 ____D () C:\Users\Laura\AppData\Local\Mozilla
2014-09-12 23:20 - 2014-09-12 23:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 23:20 - 2014-09-12 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-12 23:19 - 2014-09-12 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 23:16 - 2014-09-05 04:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 23:15 - 2014-09-05 03:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 23:13 - 2014-08-25 06:53 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-12 23:10 - 2014-09-15 20:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-12 23:10 - 2014-09-12 23:10 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-12 23:10 - 2014-09-12 23:10 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-12 23:10 - 2014-09-12 23:10 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\AVAST Software
2014-09-12 23:10 - 2014-09-12 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-12 23:08 - 2014-09-12 23:09 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-12 23:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-12 23:07 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-12 23:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-12 23:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-12 23:07 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-12 23:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-12 23:07 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-12 23:07 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-12 23:07 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-12 23:05 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Adobe
2014-09-12 23:04 - 2014-09-12 23:05 - 00000000 ____D () C:\Users\Laura\AppData\Local\Google
2014-09-12 23:04 - 2014-09-12 23:04 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Google
2014-09-12 22:56 - 2014-09-12 22:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-09-12 19:58 - 2014-09-13 00:55 - 00000000 ____D () C:\Users\Laura\Documents\Cover
2014-08-25 20:27 - 2014-08-25 20:28 - 11358825 _____ () C:\Users\Laura\Desktop\01 Fated.m4a
2014-08-25 20:27 - 2014-08-25 20:28 - 09542408 _____ () C:\Users\Laura\Desktop\02 Catch Me -If you wanna-.m4a
2014-08-25 20:10 - 2014-08-25 20:37 - 204800000 _____ () C:\Users\Laura\Desktop\[TnF]FairyTail_184.mp4.part1.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 23:48 - 2014-09-15 23:47 - 00012272 _____ () C:\Users\Laura\Downloads\FRST.txt
2014-09-15 23:48 - 2014-09-15 19:31 - 00000000 ____D () C:\FRST
2014-09-15 23:45 - 2014-09-15 23:45 - 00001150 _____ () C:\Users\Laura\Desktop\Addition - Verknüpfung.lnk
2014-09-15 23:45 - 2014-09-15 23:45 - 00001110 _____ () C:\Users\Laura\Desktop\FRST - Verknüpfung.lnk
2014-09-15 23:19 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 23:19 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 23:15 - 2014-09-15 23:14 - 02105856 _____ (Farbar) C:\Users\Laura\Downloads\FRST64(1).exe
2014-09-15 23:12 - 2014-09-15 23:11 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Mp3tag
2014-09-15 22:43 - 2010-06-14 12:51 - 01229301 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 22:41 - 2010-12-28 18:34 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-09-15 22:40 - 2014-09-15 20:56 - 00000146 _____ () C:\Windows\setupact.log
2014-09-15 22:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 22:35 - 2010-06-15 05:23 - 00654166 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 22:35 - 2010-06-15 05:23 - 00130006 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 22:35 - 2009-07-14 07:13 - 01514526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 22:04 - 2014-09-13 09:25 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-09-15 21:43 - 2014-09-13 09:23 - 00000000 ____D () C:\Users\Laura\AppData\Local\PMB Files
2014-09-15 21:20 - 2014-09-15 21:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\LolClient
2014-09-15 20:57 - 2014-09-12 23:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-15 20:56 - 2014-09-15 20:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-15 20:55 - 2014-09-13 01:04 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Systweak
2014-09-15 19:25 - 2014-09-13 01:05 - 00003302 _____ () C:\Windows\System32\Tasks\ASP
2014-09-15 19:23 - 2014-09-15 19:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 19:19 - 2009-08-02 04:27 - 00000000 ____D () C:\Windows\Panther
2014-09-15 18:26 - 2014-09-13 01:31 - 00000000 ____D () C:\ProgramData\Origin
2014-09-15 18:26 - 2010-06-14 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-15 18:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-15 18:25 - 2014-09-13 01:44 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\SoftGrid Client
2014-09-15 18:24 - 2014-09-13 00:21 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-15 18:24 - 2010-06-14 12:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-15 18:23 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-15 17:53 - 2014-09-13 01:32 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-15 17:52 - 2014-09-13 01:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Origin
2014-09-15 17:52 - 2014-09-13 01:32 - 00000000 ____D () C:\Users\Laura\AppData\Local\Origin
2014-09-15 17:46 - 2014-09-13 01:31 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-15 17:22 - 2014-09-13 09:04 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-09-15 17:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-13 15:24 - 2014-09-13 15:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 15:24 - 2010-06-15 05:08 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-13 15:24 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-13 15:24 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-13 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-13 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-09-13 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-13 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-13 15:23 - 2010-06-15 05:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-13 15:23 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-13 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-09-13 15:22 - 2014-09-13 01:43 - 03131248 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 15:22 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-13 15:17 - 2014-09-13 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-13 15:16 - 2014-09-13 15:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-13 15:16 - 2014-09-13 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-13 10:42 - 2014-09-13 10:42 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Macromedia
2014-09-13 09:40 - 2014-09-13 09:23 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-13 09:35 - 2014-09-13 09:35 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-13 09:23 - 2014-09-13 09:23 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-09-13 09:22 - 2014-09-13 09:21 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Riot Games
2014-09-13 07:51 - 2010-06-14 13:03 - 00000000 ____D () C:\ProgramData\WinClon
2014-09-13 01:50 - 2014-09-13 01:50 - 00000000 ____D () C:\ProgramData\EA Core
2014-09-13 01:44 - 2014-09-13 01:44 - 00000000 ____D () C:\Users\Laura\AppData\Local\SoftGrid Client
2014-09-13 01:44 - 2014-09-13 01:43 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TP
2014-09-13 01:43 - 2014-09-13 01:43 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-13 01:32 - 2014-09-13 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-13 01:31 - 2014-09-13 01:27 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-13 01:27 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-13 01:18 - 2014-09-13 01:05 - 00000000 ____D () C:\Program Files (x86)\SmarterPower
2014-09-13 01:18 - 2010-06-14 13:11 - 00000000 ____D () C:\ProgramData\Partner
2014-09-13 01:18 - 2010-06-14 13:11 - 00000000 ____D () C:\Program Files\Google
2014-09-13 01:18 - 2009-07-14 06:45 - 00303464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-13 01:08 - 2014-07-22 16:29 - 00000000 ____D () C:\Users\Laura\Desktop\Fairy Tail
2014-09-13 01:07 - 2009-07-14 04:34 - 00000537 _____ () C:\Windows\win.ini
2014-09-13 01:06 - 2014-09-12 23:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 01:06 - 2010-12-28 18:47 - 00001439 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-13 01:06 - 2010-12-28 18:47 - 00001405 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-13 01:05 - 2014-09-13 01:05 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 01:05 - 2014-09-13 01:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-13 01:05 - 2010-12-28 18:41 - 00068656 _____ () C:\Users\Laura\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-13 00:55 - 2014-09-13 00:54 - 00001053 _____ () C:\Users\Laura\Desktop\CCleaner.lnk
2014-09-13 00:55 - 2014-09-12 19:58 - 00000000 ____D () C:\Users\Laura\Documents\Cover
2014-09-13 00:53 - 2014-09-13 00:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-09-13 00:49 - 2014-09-13 00:49 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\OpenOffice
2014-09-13 00:45 - 2014-09-13 00:45 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 00:44 - 2014-09-13 00:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-13 00:41 - 2014-09-13 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-13 00:31 - 2014-09-13 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-09-13 00:29 - 2014-09-13 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 00:24 - 2014-09-12 23:05 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Adobe
2014-09-13 00:24 - 2010-12-28 18:35 - 00000000 ____D () C:\Users\Laura\AppData\Local\Adobe
2014-09-13 00:23 - 2014-09-13 00:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-13 00:23 - 2014-09-12 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 23:28 - 2014-09-12 23:28 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 23:21 - 2014-09-12 23:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Mozilla
2014-09-12 23:21 - 2014-09-12 23:20 - 00000000 ____D () C:\Users\Laura\AppData\Local\Mozilla
2014-09-12 23:20 - 2014-09-12 23:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 23:20 - 2014-09-12 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-12 23:20 - 2014-09-12 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 23:10 - 2014-09-12 23:10 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-12 23:10 - 2014-09-12 23:10 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-12 23:10 - 2014-09-12 23:10 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-12 23:10 - 2014-09-12 23:10 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\AVAST Software
2014-09-12 23:10 - 2014-09-12 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-12 23:09 - 2014-09-12 23:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-12 23:05 - 2014-09-12 23:04 - 00000000 ____D () C:\Users\Laura\AppData\Local\Google
2014-09-12 23:04 - 2014-09-12 23:04 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Google
2014-09-12 23:03 - 2010-06-14 13:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:02 - 2009-07-14 07:08 - 00000000 ____D () C:\Users\Administrator
2014-09-12 22:59 - 2010-06-14 12:53 - 00000000 ____D () C:\ProgramData\Temp
2014-09-12 22:56 - 2014-09-12 22:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-09-12 04:40 - 2014-09-13 01:07 - 00061080 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
2014-09-05 04:01 - 2014-09-12 23:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 03:55 - 2014-09-12 23:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 13:01 - 2014-09-15 19:21 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-25 20:37 - 2014-08-25 20:10 - 204800000 _____ () C:\Users\Laura\Desktop\[TnF]FairyTail_184.mp4.part1.rar
2014-08-25 20:28 - 2014-08-25 20:27 - 11358825 _____ () C:\Users\Laura\Desktop\01 Fated.m4a
2014-08-25 20:28 - 2014-08-25 20:27 - 09542408 _____ () C:\Users\Laura\Desktop\02 Catch Me -If you wanna-.m4a
2014-08-25 06:53 - 2014-09-12 23:13 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-13 14:47
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Laura at 2014-09-15 23:49:09
Running from C:\Users\Laura\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BatteryLifeExtender (HKLM-x32\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3625 - CyberLink Corp.) Hidden
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
15-09-2014 15:18:41 Installiert TheSims3EP4
15-09-2014 16:19:46 Entfernt TheSims3EP4
15-09-2014 16:21:53 Entfernt The Sims 3 World Adventures
15-09-2014 16:23:52 Entfernt The Sims 3
15-09-2014 16:25:34 Microsoft Office Klick-und-Los 2010 wird entfernt
15-09-2014 17:16:38 Advanced-System Protector
15-09-2014 17:20:47 Windows Update
15-09-2014 20:03:41 Removed League of Legends
15-09-2014 20:32:42 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E770F45-7A8B-4EF9-835C-D58A42D868A8} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {3790C71D-910E-400F-821A-D82E88CC18A2} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {3A7593A8-C511-427D-9062-41B23CDDA6C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {3F5032B5-1ACA-40ED-8E8C-85E2E91F503E} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-12-17] (Samsung Electronics Co., Ltd.)
Task: {8C486767-AED4-465E-A7E4-4C5C97BD3CD1} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5D5A551-76DF-4A3D-99D0-5384C0D49074} - System32\Tasks\Games\UpdateCheck_S-1-5-21-868785299-726797094-2297327714-1001
Task: {C4F7CA60-F41B-4DFA-87D2-BB4E955248C6} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D5F3117C-6EA6-45D1-B3CA-6FB138FA81EC} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {DD742FD1-D09A-4E3F-95D9-28D4B15112E0} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {EDCA2D2F-A01A-4D0C-AAB5-610B672C1F34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-12] (AVAST Software)
Task: {EEA2A079-7FCE-4ABB-BDD3-F8D69CC2F2C0} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
==================== Loaded Modules (whitelisted) =============
2010-06-14 12:58 - 2009-07-07 20:23 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-09-12 23:10 - 2014-09-12 23:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-15 20:57 - 2014-09-15 20:57 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091501\algo.dll
2010-06-14 13:02 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2009-06-03 13:59 - 2009-06-03 13:59 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 13:59 - 2009-06-03 13:59 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-12 23:10 - 2014-09-12 23:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-12 23:20 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:8530A643
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2014 05:42:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/15/2014 05:39:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/15/2014 05:22:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/13/2014 02:52:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/13/2014 09:04:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/13/2014 01:44:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/13/2014 01:44:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/13/2014 01:31:19 AM) (Source: Windows Installer 3.1) (EventID: 4373) (User: )
Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar.
Error: (09/13/2014 01:24:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (09/13/2014 01:24:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
System errors:
=============
Error: (09/15/2014 10:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update SmarterPower" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/15/2014 08:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update SmarterPower" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/15/2014 08:12:04 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "TIM-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DDD74713-64B6-4A23-8292-DBB2D721CA93}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/15/2014 07:25:42 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.
Error: (09/15/2014 07:25:41 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
Error: (09/15/2014 07:25:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (09/15/2014 07:25:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (09/15/2014 07:25:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update SmarterPower" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/15/2014 07:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update SmarterPower" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/15/2014 06:27:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update SmarterPower" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (09/15/2014 05:42:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/15/2014 05:39:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/15/2014 05:22:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/13/2014 02:52:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (09/13/2014 09:04:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/13/2014 01:44:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/13/2014 01:44:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/13/2014 01:31:19 AM) (Source: Windows Installer 3.1) (EventID: 4373) (User: )
Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar.
Error: (09/13/2014 01:24:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (09/13/2014 01:24:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 45%
Total physical RAM: 3032.61 MB
Available physical RAM: 1667.43 MB
Total Pagefile: 6063.36 MB
Available Pagefile: 4440.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:80.86 GB) (Free:48.48 GB) NTFS
Drive d: () (Fixed) (Total:131.93 GB) (Free:112.88 GB) NTFS
Drive e: (Sims3EP04) (CDROM) (Total:4.93 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: EA9CBF94)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=80.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=131.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |