Log analysis and evaluation: Win 7 (32): Laptop barely usable; Iminent & Co.

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.07.2014, 18:03 | #1 |
Win 7 (32): Laptop barely usable; Iminent & Co.

Hello everyone,

I had hoped not to have to "bother" you again so soon, but I once again have a laptop here that was barely usable. I have already cleaned up as much as possible, but I would be glad if someone could take a look at the logs.

Tools used: FRST, JRT, TFC, ESET, MBAM

What still needs to be removed or fixed? The machine is now running satisfactorily again.

Regards,
Riddle

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-07-2014 Ran by Hans (administrator) on HANS-MEDION on 09-07-2014 13:41:02 Running from D:\Eigene Dateien\Desktop Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Iminent) C:\Program Files\Common Files\Umbrella\Umbrella257.exe () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService.exe (Wajam Internet Technologies Inc.) C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe () C:\Program Files\003\xmkysecqun32.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Agere Systems) C:\Windows\AGRSMMSG.exe () C:\Program Files\Launch Manager\LaunchAp.exe (Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe () C:\Program Files\Launch Manager\WButton.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Users\Hans\AppData\Local\prtvfh.exe (Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (HQ-1.9) C:\Program Files\HQPro-2\HQPro-2-bg.exe (Wajam Internet Technologies Inc.) 
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AGRSMMSG] => C:\Windows\AGRSMMSG.exe [88203 2005-08-24] (Agere Systems) HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] () HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron) HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe" HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.) HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] () HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\Run: [prtvfh] => c:\users\hans\appdata\local\prtvfh.exe [3121152 2014-07-03] () HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe [256280 2010-01-27] (Adobe Systems, Inc.) 
HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\MountPoints2: {129610de-c67e-11e3-b5b0-000ae4adec73} - F:\SETUP.EXE HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\MountPoints2: {71b9afaf-c672-11e3-864f-0010c68131f6} - G:\SETUP.EXE IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\prtvfh.lnk ShortcutTarget: prtvfh.lnk -> C:\Users\Hans\AppData\Local\prtvfh.exe () ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:50864;https=127.0.0.1:50864 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=C2C5B7DB-1EEA-4AEB-9038-10F909AEC24A HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2A486E3885ACF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = https://www.google.com/search?q={searchTerms} BHO: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files\SupraSavings\2rs3.dll () BHO: HQPro-2 - {11111111-1111-1111-1111-110511311172} - C:\Program Files\HQPro-2\HQPro-2-bho.dll (HQ-1.9) BHO: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.28.3\bh\iminent.dll (Iminent) BHO: ViewPassword - {1FDB7D72-6566-B7C1-4FB2-C36D88DB6D81} - C:\Program Files\ViewPassword-soft\170.dll () BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program 
Files\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN) Toolbar: HKLM - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.28.3\iminentTlbr.dll (Iminent) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=C2C5B7DB-1EEA-4AEB-9038-10F909AEC24A FF SelectedSearchEngine: StartWeb FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! 
=> C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\user.js FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-18] FF HKCU\...\Firefox\Extensions: [{94AC05F5-E501-976D-7B69-558122C7BE1F}] - C:\Program Files\ViewPassword-soft\170.xpi FF Extension: No Name - C:\Program Files\ViewPassword-soft\170.xpi [2014-05-24] ========================== Services (Whitelisted) ================= R4 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It) S4 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-16] (globalUpdate) [File not signed] S4 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-16] (globalUpdate) [File not signed] R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation) R4 SProtection; C:\Program Files\Common Files\Umbrella\Umbrella257.exe [3088192 2014-05-28] (Iminent) R4 SupraSavingsService; C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService.exe [151040 2014-06-25] () [File not signed] R2 Wajam Internet Enhancer Service; C:\Program Files\Wajam\Wajam Internet 
Enhancer\WajamInternetEnhancerService.exe [217600 2014-06-06] (Wajam Internet Technologies Inc.) [File not signed] R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed] R4 xmkysecqun32; C:\Program Files\003\xmkysecqun32.exe [541696 2014-04-25] () [File not signed] ==================== Drivers (Whitelisted) ==================== S3 ATSWPDRV; C:\Windows\System32\Drivers\ATSwpDrv.sys [107890 2005-01-07] (AuthenTec, Inc.) S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [152576 2014-04-18] (SysProgs.org) [File not signed] R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed] S3 iaStorA; C:\Windows\system32\drivers\iaStorA.sys [489968 2013-07-02] (Intel Corporation) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24048 2013-07-02] (Intel Corporation) S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [583664 2013-07-02] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation) R1 MpKsld654fe0b; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C21B1C9F-4324-4E86-BCE0-317DF2EEE7DD}\MpKsld654fe0b.sys [39464 2014-07-09] (Microsoft Corporation) R1 netfilter; C:\Windows\System32\drivers\netfilter.sys [31744 2014-06-12] (NetFilterSDK.com) [File not signed] R3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2595840 2007-03-07] (Intel® Corporation) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
S1 mailKmd; No ImagePath S1 netfilter2; system32\drivers\netfilter2.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-09 13:37 - 2014-07-09 13:41 - 00000000 ____D () C:\FRST 2014-07-09 12:25 - 2014-07-09 12:25 - 00001087 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\Program Files\Runtime Software 2014-07-09 11:47 - 2014-07-09 11:47 - 00000000 ____D () C:\Windows\pss 2014-07-03 17:18 - 2014-07-09 13:41 - 01042528 _____ () C:\Users\Hans\AppData\Local\prtvfh.gss 2014-07-03 17:18 - 2014-07-09 13:36 - 00060416 _____ () C:\Users\Hans\AppData\Local\prtvfh.gdb 2014-07-03 17:18 - 2014-07-03 17:18 - 03121152 _____ () C:\Users\Hans\AppData\Local\prtvfh.exe 2014-07-03 17:11 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-03 17:11 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-03 17:11 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-03 17:10 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-03 17:10 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-03 17:10 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-03 17:10 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-03 17:10 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-03 17:10 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-03 17:10 - 2014-05-30 09:57 - 00595968 _____ (Microsoft 
Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-03 17:10 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-03 17:10 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-03 17:09 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-03 17:09 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-03 17:09 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-03 17:09 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-03 17:09 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-03 17:09 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-03 17:09 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-03 17:09 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-03 17:09 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-03 17:09 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-03 17:08 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-03 17:08 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-03 17:08 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-03 17:08 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-03 17:08 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-03 17:08 - 2014-05-30 10:10 - 00032256 _____ 
(Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-03 17:07 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-07-03 17:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-07-03 17:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-27 18:29 - 2014-06-27 18:29 - 00000000 ____D () C:\ProgramData\Systweak 2014-06-27 18:26 - 2014-06-27 18:26 - 00000000 ____D () C:\ProgramData\ATI 2014-06-27 18:25 - 2014-06-27 18:25 - 00000000 ____D () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62 2014-06-16 17:48 - 2014-07-09 11:49 - 00001392 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5.job 2014-06-16 17:48 - 2014-07-09 11:49 - 00001376 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5.job 2014-06-16 17:48 - 2014-07-09 11:48 - 00001472 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1.job 2014-06-16 17:48 - 2014-07-09 11:48 - 00001312 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2.job 2014-06-16 17:48 - 2014-07-03 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-16 17:47 - 2014-07-09 11:47 - 00002350 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4.job 2014-06-16 17:47 - 2014-07-09 11:47 - 00002170 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4.job 2014-06-16 17:47 - 2014-07-09 11:47 - 00001448 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1.job 2014-06-16 17:47 - 2014-07-07 19:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-06-16 17:47 - 2014-06-16 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam 2014-06-16 17:47 - 2014-06-16 17:47 - 00000000 ____D () C:\Program Files\Wajam 2014-06-16 17:46 - 2014-07-09 11:46 - 00003442 _____ () 
C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11.job 2014-06-16 17:46 - 2014-07-09 11:46 - 00003434 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11.job 2014-06-16 17:46 - 2014-07-09 11:46 - 00003104 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3.job 2014-06-16 17:46 - 2014-07-09 11:46 - 00003096 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3.job 2014-06-16 17:44 - 2014-06-16 17:49 - 00000000 ____D () C:\Program Files\PlusHD-V1.3 2014-06-16 17:44 - 2014-06-16 17:49 - 00000000 ____D () C:\Program Files\HQPro-2 2014-06-16 17:30 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-16 17:30 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-16 17:30 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-16 17:26 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-16 17:26 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-16 17:25 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 21:05 - 2014-06-12 21:05 - 00031744 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter.sys 2014-06-12 15:24 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-12 15:24 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-06-12 15:18 - 2014-07-09 12:34 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Games 2014-06-11 18:02 - 2014-06-11 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in ==================== One Month Modified Files and Folders ======= 2014-07-09 13:41 - 2014-07-09 13:37 - 00000000 ____D () C:\FRST 2014-07-09 13:41 - 2014-07-03 17:18 - 01042528 
_____ () C:\Users\Hans\AppData\Local\prtvfh.gss 2014-07-09 13:36 - 2014-07-03 17:18 - 00060416 _____ () C:\Users\Hans\AppData\Local\prtvfh.gdb 2014-07-09 13:35 - 2014-04-25 17:07 - 00000000 ____D () C:\Program Files\suprasavings 2014-07-09 13:35 - 2014-04-18 16:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-09 13:35 - 2009-07-14 06:34 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-09 13:35 - 2009-07-14 06:34 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-09 13:11 - 2014-04-17 22:49 - 01809079 _____ () C:\Windows\WindowsUpdate.log 2014-07-09 12:34 - 2014-06-12 15:18 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Games 2014-07-09 12:25 - 2014-07-09 12:25 - 00001087 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\Program Files\Runtime Software 2014-07-09 12:17 - 2014-05-24 18:12 - 00002424 _____ () C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-4.job 2014-07-09 12:12 - 2014-05-24 18:12 - 00003446 _____ () C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-3.job 2014-07-09 12:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-09 12:04 - 2014-04-18 00:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-07-09 11:55 - 2014-04-18 00:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-07-09 11:51 - 2014-05-24 18:12 - 00000894 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-07-09 11:49 - 2014-06-16 17:48 - 00001392 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5.job 2014-07-09 11:49 - 2014-06-16 17:48 - 00001376 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5.job 2014-07-09 
11:48 - 2014-06-16 17:48 - 00001472 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1.job 2014-07-09 11:48 - 2014-06-16 17:48 - 00001312 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2.job 2014-07-09 11:47 - 2014-07-09 11:47 - 00000000 ____D () C:\Windows\pss 2014-07-09 11:47 - 2014-06-16 17:47 - 00002350 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4.job 2014-07-09 11:47 - 2014-06-16 17:47 - 00002170 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4.job 2014-07-09 11:47 - 2014-06-16 17:47 - 00001448 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1.job 2014-07-09 11:46 - 2014-06-16 17:46 - 00003442 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11.job 2014-07-09 11:46 - 2014-06-16 17:46 - 00003434 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11.job 2014-07-09 11:46 - 2014-06-16 17:46 - 00003104 _____ () C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3.job 2014-07-09 11:46 - 2014-06-16 17:46 - 00003096 _____ () C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3.job 2014-07-09 11:38 - 2014-04-18 16:16 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 11:38 - 2014-04-18 16:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-07-09 11:37 - 2014-04-25 17:04 - 00000000 ____D () C:\Users\Hans\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl 2014-07-09 11:13 - 2009-07-14 06:39 - 00027519 _____ () C:\Windows\setupact.log 2014-07-09 11:10 - 2010-11-20 23:01 - 01628312 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-09 10:59 - 2014-05-24 18:12 - 00000890 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-07-09 10:58 - 2014-05-24 18:11 - 00000398 _____ () C:\Windows\Tasks\ViewPassword Update.job 2014-07-09 10:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-07 20:00 - 2014-05-16 16:25 - 00000000 ___SD () 
C:\Windows\system32\CompatTel 2014-07-07 19:42 - 2014-06-16 17:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-03 17:18 - 2014-07-03 17:18 - 03121152 _____ () C:\Users\Hans\AppData\Local\prtvfh.exe 2014-07-03 17:17 - 2014-04-25 17:06 - 00000000 ____D () C:\Users\Hans\AppData\Roaming\System Speedup 2014-07-03 16:48 - 2014-04-17 23:43 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Help 2014-07-03 16:43 - 2014-06-16 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-27 18:29 - 2014-06-27 18:29 - 00000000 ____D () C:\ProgramData\Systweak 2014-06-27 18:28 - 2014-04-25 17:09 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-06-27 18:26 - 2014-06-27 18:26 - 00000000 ____D () C:\ProgramData\ATI 2014-06-27 18:25 - 2014-06-27 18:25 - 00000000 ____D () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62 2014-06-27 18:24 - 2014-04-25 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector 2014-06-27 18:24 - 2014-04-25 17:12 - 00000000 ____D () C:\Program Files\Advanced System Protector 2014-06-27 18:24 - 2014-04-25 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup 2014-06-27 18:24 - 2014-04-25 17:01 - 00000000 ____D () C:\Program Files\System Speedup 2014-06-27 18:24 - 2014-04-17 22:56 - 00000000 ____D () C:\Users\Hans 2014-06-27 18:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp 2014-06-27 18:22 - 2014-04-25 17:10 - 00000000 ____D () C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-06-27 18:22 - 2014-04-25 17:05 - 00000000 ____D () C:\Program Files\IminentToolbar 2014-06-27 18:22 - 2014-04-18 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2014-06-27 18:22 - 2014-04-18 00:39 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-27 18:22 - 2014-04-18 00:39 - 00000000 ____D () 
C:\Program Files\ATI 2014-06-27 18:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2014-06-27 18:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-06-27 18:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration 2014-06-27 18:20 - 2014-04-25 17:03 - 00000000 ____D () C:\Users\Hans\AppData\Roaming\systweak 2014-06-20 11:23 - 2014-04-17 22:56 - 00000000 ____D () C:\Users\Hans\AppData\Local\VirtualStore 2014-06-20 11:18 - 2014-04-25 17:11 - 00000270 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job 2014-06-20 11:18 - 2014-04-25 17:10 - 00000262 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-06-16 18:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-06-16 17:49 - 2014-06-16 17:44 - 00000000 ____D () C:\Program Files\PlusHD-V1.3 2014-06-16 17:49 - 2014-06-16 17:44 - 00000000 ____D () C:\Program Files\HQPro-2 2014-06-16 17:48 - 2014-06-16 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam 2014-06-16 17:47 - 2014-06-16 17:47 - 00000000 ____D () C:\Program Files\Wajam 2014-06-16 17:47 - 2014-05-18 15:50 - 00000000 _____ () C:\END 2014-06-16 17:02 - 2014-04-17 23:42 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-16 17:00 - 2014-04-18 00:06 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-16 16:57 - 2014-04-18 00:05 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 21:05 - 2014-06-12 21:05 - 00031744 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter.sys 2014-06-11 18:02 - 2014-06-11 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-06-11 18:02 - 2014-04-17 23:42 - 00000000 ____D () C:\Program Files\Microsoft Office Some content of TEMP: ==================== C:\Users\Hans\AppData\Local\Temp\BackupSetup.exe C:\Users\Hans\AppData\Local\Temp\dlLogic.exe C:\Users\Hans\AppData\Local\Temp\ose00000.exe 
C:\Users\Hans\AppData\Local\Temp\RegClean6.exe C:\Users\Hans\AppData\Local\Temp\spidentifierimpl.exe C:\Users\Hans\AppData\Local\Temp\spstub.exe C:\Users\Hans\AppData\Local\Temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-16 18:07 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-07-2014 Ran by Hans at 2014-07-09 13:42:20 Running from D:\Eigene Dateien\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - ) ATI Catalyst Install Manager (HKLM\...\{A7CEEA0B-19F6-1D77-972A-E0CFE6D8857E}) (Version: 3.0.694.0 - ATI Technologies, Inc.) 
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center Graphics Full Existing (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center Graphics Full New (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center Graphics Light (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center Graphics Previews Common (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center HydraVision Full (Version: 2008.0923.2139.36956 - ATI) Hidden Catalyst Control Center InstallProxy (Version: 2008.0923.2139.36956 - ATI Technologies, Inc.) Hidden CCC Help English (Version: 2008.0923.2138.36956 - ATI) Hidden ccc-core-static (Version: 2008.0923.2139.36956 - Ihr Firmenname) Hidden ccc-utility (Version: 2008.0923.2139.36956 - ATI) Hidden DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) DriveImage XML (Private Edition) (HKLM\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) Genesis (HKCU\...\prtvfh) (Version: - ) <==== ATTENTION Google Update Helper (Version: 1.3.25.0 - Google Inc.) Hidden HQPro-2 (HKLM\...\HQPro-2) (Version: 1.34.6.10 - HQ-1.9) HQ-Video-Pro-1.9 (HKLM\...\HQ-Video-Pro-1.9) (Version: 1.34.5.12 - HQ-Video) <==== ATTENTION Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION Iminent Toolbar on IE and Chrome (HKLM\...\iminent) (Version: 1.8.28.3 - IminentToolbar) <==== ATTENTION Installer (HKLM\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION IZArc 4.1.7 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev) Launch Manager V1.3.6 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.3.6 - Wistron Corp.) 
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 
12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION PlusHD-V1.3 (HKLM\...\PlusHD-V1.3) (Version: 1.34.6.10 - PlusHDv) RegClean Pro (HKLM\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION Skins (Version: 2008.0923.2139.36956 - ATI) Hidden suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) <==== ATTENTION SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION System Speedup (HKLM\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com) T-Online 6.0 
(HKLM\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) 
(HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) ViewPassword (HKLM\...\01369DB5-931E-AE8D-EA2E-A5A86012D6EF) (Version: - ViewPassword-software) <==== ATTENTION Wajam (HKLM\...\Wajam) (Version: 2.8 (i2.1) - Wajam) <==== ATTENTION World of Warcraft FREE Trial (Version: 1.00.0000 - ATI Technologies Inc.) Hidden ==================== Restore Points ========================= 27-06-2014 15:02:48 Windows Update 27-06-2014 16:11:56 Wiederherstellungsvorgang 03-07-2014 14:32:22 Windows Update 07-07-2014 17:47:41 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {023D4639-2EC5-4A1E-89E5-1E8D535B4FD1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-16] (globalUpdate) <==== ATTENTION Task: {03204FC1-2868-4B68-B813-173CACDBE594} - System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3 => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-3.exe [2014-06-16] (PlusHDv) Task: {2E293B19-E85A-402C-A30A-B4D010D7CE76} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1 => C:\Program Files\HQPro-2\HQPro-2-codedownloader.exe [2014-06-16] (HQ-1.9) Task: {2EDD7980-04A1-448E-9F10-FF7B50CFBA7C} - System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11 => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-11.exe [2014-06-16] (PlusHDv) Task: {3AB1F2CD-F795-4C57-8859-5F26B6030D88} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION Task: {3D9F02CF-A795-47FC-B09F-2710DD51CF79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: 
{4DBA2AD4-F910-456A-89AB-D7737A081DCD} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe [2014-03-14] (MyPCBackup.com) <==== ATTENTION Task: {50A5E8AC-5950-4126-B944-2E64F397F59D} - System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => C:\Users\Hans\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\minibarchrome.exe [2014-04-25] (Sien SA) Task: {52D03AAD-3820-4A21-BC39-7279F7845DBA} - System32\Tasks\System Speedup => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: {567E4721-DF16-4DF0-B11A-0F309990EAC5} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION Task: {56A6EDBD-DFFB-4303-B6D4-07449852C349} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4 => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-4.exe [2014-06-16] (HQ-1.9) Task: {5ABDD119-0A1A-4D1F-A0AF-6D78C56578C2} - System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4 => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-4.exe [2014-06-16] (PlusHDv) Task: {671C5022-2916-4B1E-AB08-4918494FA461} - System32\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-4 => C:\Program Files\HQ-Video-Pro-1.9\6502893c-981f-40c9-acb5-39f9a7cc5219-4.exe [2014-05-24] (HQ-Video) Task: {894158A3-E5F0-4B21-9B54-7C4005A9C830} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5 => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-5.exe [2014-06-16] (HQ-1.9) Task: {8E5D45FB-26D2-43BE-86F4-B235FB1FA77C} - System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1 => C:\Program Files\PlusHD-V1.3\PlusHD-V1.3-codedownloader.exe Task: {9CD2E563-CE8D-4FDC-A1C2-A248CC1CAFDA} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: {9DFAE211-8B9D-4D0A-9C0A-3B52755F845A} - System32\Tasks\ViewPassword Update => C:\Program Files\ViewPassword-soft\ViewPasswordG04.exe [2014-05-24] () <==== 
ATTENTION Task: {C08FE527-2D4A-4F41-867F-A8ECF763DB44} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-16] (globalUpdate) <==== ATTENTION Task: {C873ED42-8FB2-4AC7-A344-970FF15FB9A3} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11 => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-11.exe [2014-06-16] (HQ-1.9) Task: {D0A67FAA-68D4-4C2D-BEFB-193BFCE78C40} - System32\Tasks\System Speedup_UPDATES => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: {D0B3A0B8-CF5F-47A4-9AC5-98E3A17E2B20} - System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5 => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-5.exe [2014-06-16] (PlusHDv) Task: {D1BEF0DF-0D63-4FE5-BE50-CDB4E61DF6C0} - System32\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-3 => C:\Program Files\HQ-Video-Pro-1.9\6502893c-981f-40c9-acb5-39f9a7cc5219-3.exe [2014-05-24] (HQ-Video) Task: {DF862B71-6349-48DC-B5BB-4230278ABF43} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION Task: {F1652F70-78AD-4CAD-A3F1-27274759842C} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2 => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-2.exe [2014-06-16] (HQ-1.9) Task: {F6540D4A-35F6-4CF1-A74C-9BF82C1CC5A3} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe [2014-02-28] (Systweak) <==== ATTENTION Task: {FAF1E9BD-AD77-4442-82D9-E0B58622115A} - System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3 => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-3.exe [2014-06-16] (HQ-1.9) Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1.job => C:\Program Files\HQPro-2\HQPro-2-codedownloader.exe Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11.job => C:\Program 
Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-11.exe Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2.job => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-2.exe Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3.job => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-3.exe Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4.job => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-4.exe Task: C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5.job => C:\Program Files\HQPro-2\0af1690f-ea6f-496a-8387-add4b070e8a9-5.exe Task: C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-3.job => C:\Program Files\HQ-Video-Pro-1.9\6502893c-981f-40c9-acb5-39f9a7cc5219-3.exe Task: C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-4.job => C:\Program Files\HQ-Video-Pro-1.9\6502893c-981f-40c9-acb5-39f9a7cc5219-4.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1.job => C:\Program Files\PlusHD-V1.3\PlusHD-V1.3-codedownloader.exe Task: C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11.job => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-11.exe Task: C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3.job => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-3.exe Task: C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4.job => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-4.exe Task: C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5.job => C:\Program Files\PlusHD-V1.3\d9932779-fd2b-48c3-a3ee-422f31438658-5.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => 
C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files\System Speedup\SystemSpeedup.exe Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files\System Speedup\SystemSpeedup.exe Task: C:\Windows\Tasks\ViewPassword Update.job => C:\Program Files\ViewPassword-soft\ViewPasswordG04.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-25 19:58 - 2014-06-25 19:58 - 00151040 _____ () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService.exe 2014-06-12 21:05 - 2014-06-12 21:05 - 00102400 _____ () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\nfapi.dll 2014-06-12 21:05 - 2014-06-12 21:05 - 00323584 _____ () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\ProtocolFilters.dll 2014-04-25 17:07 - 2014-04-25 17:07 - 00541696 _____ () C:\Program Files\003\xmkysecqun32.exe 2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll 2014-03-14 16:00 - 2014-03-14 16:00 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll 2014-04-18 00:37 - 2012-07-20 14:42 - 00652800 _____ () C:\Program Files\IZArc\IZArcCM.dll 2014-04-18 00:15 - 2005-07-25 13:36 - 00032768 _____ () C:\Program Files\Launch Manager\LaunchAp.exe 2014-04-18 00:15 - 2006-11-09 14:37 - 00086016 _____ () C:\Program Files\Launch Manager\WButton.exe 2014-07-03 17:18 - 2014-07-03 17:18 - 03121152 _____ () C:\Users\Hans\AppData\Local\prtvfh.exe 2014-04-18 00:41 - 2014-04-18 00:41 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2008-06-23 13:58 - 2008-06-23 13:58 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2014-04-18 00:06 - 2014-07-09 12:03 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 
2014-07-09 11:38 - 2014-07-09 11:38 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: BackupStack => 2 MSCONFIG\Services: globalUpdate => 2 MSCONFIG\Services: globalUpdatem => 3 MSCONFIG\Services: SProtection => 2 MSCONFIG\Services: SupraSavingsService => 2 MSCONFIG\Services: xmkysecqun32 => 2 MSCONFIG\startupfolder: C:^Users^Hans^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup MSCONFIG\startupfolder: C:^Users^Hans^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^prtvfh.lnk => C:\Windows\pss\prtvfh.lnk.Startup MSCONFIG\startupreg: prtvfh => "c:\users\hans\appdata\local\prtvfh.exe" /r ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/09/2014 00:28:30 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. 
Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {489ec4cf-9069-426e-a97b-d923125e21ad} Error: (07/09/2014 11:51:33 AM) (Source: globalUpdate Update) (EventID: 1) (User: NT-AUTORITÄT) Description: globalUpdate Update has encountered a fatal error. ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files\globalUpdate\CrashReports\c9385b7b-475e-464b-9405-2a23deb79f08.dmp Error: (07/09/2014 11:35:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1064 Startzeit: 01cf9b5767ab3521 Endzeit: 0 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (07/09/2014 11:35:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1124 Startzeit: 01cf9b5765a83931 Endzeit: 3726 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (07/09/2014 11:20:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: da8 Startzeit: 01cf9b55c229319e Endzeit: 0 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (07/09/2014 11:19:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30 Name des fehlerhaften Moduls: 2rs3.dll, Version: 0.0.0.0, Zeitstempel: 0x532c6f79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000148c ID des fehlerhaften Prozesses: 0x84c Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0 Pfad der fehlerhaften Anwendung: iexplore.exe1 Pfad des fehlerhaften Moduls: iexplore.exe2 Berichtskennung: iexplore.exe3 Error: (07/09/2014 10:58:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/07/2014 07:44:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/03/2014 04:41:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4 Name des fehlerhaften Moduls: 2rs3.dll, Version: 0.0.0.0, Zeitstempel: 0x532c6f79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000148c ID des fehlerhaften Prozesses: 0x15d8 Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0 Pfad der fehlerhaften Anwendung: iexplore.exe1 Pfad des fehlerhaften Moduls: iexplore.exe2 Berichtskennung: iexplore.exe3 Error: (07/03/2014 04:31:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/09/2014 
01:36:50 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:50 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:50 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:50 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. 
Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (07/09/2014 01:36:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. 
Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 85%
Total physical RAM: 1022.49 MB
Available physical RAM: 147.34 MB
Total Pagefile: 2172.19 MB
Available Pagefile: 824.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.96 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:47.28 GB) (Free:29.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:45.85 GB) (Free:30.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93 GB) (Disk ID: A28BA28B)
Partition 1: (Active) - (Size=47 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=24 MB) - (Type=12)

==================== End Of Log ============================

Code:
# AdwCleaner v3.215 - Bericht erstellt am 09/07/2014 um 14:44:26
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Hans - HANS-MEDION
# Gestartet von : D:\Eigene Dateien\Desktop\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : xmkysecqun32

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Program Files\globalUpdate
Ordner Gelöscht : C:\Program Files\IminentToolbar
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Program Files\System Speedup
Ordner Gelöscht : C:\Users\Hans\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Hans\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Hans\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Hans\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Hans\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Hans\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\Hans\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\Hans\AppData\Roaming\Systweak
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\invalidprefs.js
Datei Gelöscht : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : 
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA Datei Gelöscht : C:\Windows\System32\Tasks\LaunchApp Datei Gelöscht : C:\Windows\Tasks\System Speedup_DEFAULT.job Datei Gelöscht : C:\Windows\System32\Tasks\System Speedup_DEFAULT Datei Gelöscht : C:\Windows\Tasks\System Speedup_UPDATES.job Datei Gelöscht : C:\Windows\System32\Tasks\System Speedup_UPDATES Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-1 Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-11 Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-2 Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-3 Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-4 Datei Gelöscht : C:\Windows\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5.job Datei Gelöscht : C:\Windows\System32\Tasks\0af1690f-ea6f-496a-8387-add4b070e8a9-5 Datei Gelöscht : C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-3.job Datei Gelöscht : C:\Windows\System32\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-3 Datei Gelöscht : C:\Windows\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-4.job Datei Gelöscht : C:\Windows\System32\Tasks\6502893c-981f-40c9-acb5-39f9a7cc5219-4 Datei Gelöscht : C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1.job Datei Gelöscht : C:\Windows\System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-1 Datei Gelöscht : C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11.job Datei Gelöscht : C:\Windows\System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-11 Datei Gelöscht : 
C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3.job Datei Gelöscht : C:\Windows\System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-3 Datei Gelöscht : C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4.job Datei Gelöscht : C:\Windows\System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-4 Datei Gelöscht : C:\Windows\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5.job Datei Gelöscht : C:\Windows\System32\Tasks\d9932779-fd2b-48c3-a3ee-422f31438658-5 ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6540D4A-35F6-4CF1-A74C-9BF82C1CC5A3} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6540D4A-35F6-4CF1-A74C-9BF82C1CC5A3} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{50A5E8AC-5950-4126-B944-2E64F397F59D} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50A5E8AC-5950-4126-B944-2E64F397F59D} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{023D4639-2EC5-4A1E-89E5-1E8D535B4FD1} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{023D4639-2EC5-4A1E-89E5-1E8D535B4FD1} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C08FE527-2D4A-4F41-867F-A8ECF763DB44} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C08FE527-2D4A-4F41-867F-A8ECF763DB44} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DBA2AD4-F910-456A-89AB-D7737A081DCD} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DBA2AD4-F910-456A-89AB-D7737A081DCD} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CD2E563-CE8D-4FDC-A1C2-A248CC1CAFDA} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CD2E563-CE8D-4FDC-A1C2-A248CC1CAFDA} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0A67FAA-68D4-4C2D-BEFB-193BFCE78C40} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0A67FAA-68D4-4C2D-BEFB-193BFCE78C40} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E293B19-E85A-402C-A30A-B4D010D7CE76} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E293B19-E85A-402C-A30A-B4D010D7CE76} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C873ED42-8FB2-4AC7-A344-970FF15FB9A3} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C873ED42-8FB2-4AC7-A344-970FF15FB9A3} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1652F70-78AD-4CAD-A3F1-27274759842C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1652F70-78AD-4CAD-A3F1-27274759842C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FAF1E9BD-AD77-4442-82D9-E0B58622115A} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAF1E9BD-AD77-4442-82D9-E0B58622115A} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56A6EDBD-DFFB-4303-B6D4-07449852C349} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{56A6EDBD-DFFB-4303-B6D4-07449852C349} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{894158A3-E5F0-4B21-9B54-7C4005A9C830} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{894158A3-E5F0-4B21-9B54-7C4005A9C830} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1BEF0DF-0D63-4FE5-BE50-CDB4E61DF6C0} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1BEF0DF-0D63-4FE5-BE50-CDB4E61DF6C0} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{671C5022-2916-4B1E-AB08-4918494FA461} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{671C5022-2916-4B1E-AB08-4918494FA461} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E5D45FB-26D2-43BE-86F4-B235FB1FA77C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EDD7980-04A1-448E-9F10-FF7B50CFBA7C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E5D45FB-26D2-43BE-86F4-B235FB1FA77C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2EDD7980-04A1-448E-9F10-FF7B50CFBA7C} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03204FC1-2868-4B68-B813-173CACDBE594} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03204FC1-2868-4B68-B813-173CACDBE594} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5ABDD119-0A1A-4D1F-A0AF-6D78C56578C2} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ABDD119-0A1A-4D1F-A0AF-6D78C56578C2} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0B3A0B8-CF5F-47A4-9AC5-98E3A17E2B20} [#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0B3A0B8-CF5F-47A4-9AC5-98E3A17E2B20} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}] Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions Schlüssel Gelöscht : 
HKCU\Software\System Speedup Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Supra Savings Schlüssel Gelöscht : HKLM\Software\coupon downloader Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions Schlüssel Gelöscht : HKLM\Software\LevelQualityWatcher Schlüssel Gelöscht : HKLM\Software\Supra Savings Schlüssel Gelöscht : HKLM\Software\System Speedup Schlüssel Gelöscht : HKLM\Software\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\prefs.js ] Zeile gelöscht : user_pref("extensions.crossrider.bic", "14711f3628569a5921df02018c84124a"); Zeile gelöscht : user_pref("extensions.iminent.admin", false); Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl"); Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}"); Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.iminent.dfltLng", ""); Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false); Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false); Zeile gelöscht : user_pref("extensions.iminent.id", "4ca051760000000000000015001e82ed"); Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16185"); Zeile gelöscht : user_pref("extensions.iminent.instlRef", ""); Zeile gelöscht : user_pref("extensions.iminent.newTab", false); Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent"); Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent"); Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false"); 
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO"); Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q="); Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3"); Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.317:06:06"); Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3"); Zeile gelöscht : user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"139850541[...] Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.iminentjs.info/imitin/javascript.js\",\"queryS[...] ************************* AdwCleaner[R0].txt - [15318 octets] - [09/07/2014 14:42:12] AdwCleaner[S0].txt - [15002 octets] - [09/07/2014 14:44:26] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15063 octets] ########## Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5f98e6cbaca9b544b956dcdb5a367a55
# engine=19097
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-09 03:29:54
# local_time=2014-07-09 05:29:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 7145164 27903788 0 0
# scanned=74154
# found=7
# cleaned=0
# scan_time=3992
sh=321FFA63BC10C82EBF9D52BBC8DFAD1635A7D88D ft=1 fh=6345b32e772ed437 vn="Win32/AdWare.Adpeak.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\003\xmkysecqun32.exe.vir"
sh=75F4A06A0290B613622C7E10E3B05EE0525C1481 ft=1 fh=e7b99738d4ab1513 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Speedup\systweakasp.exe.vir"
sh=A82F9DCDA373E9425CAA52537063C75CCAF0C70A ft=1 fh=dddc88b1613347fc vn="Variante von Win32/FirseriaInstaller.J evtl. unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-4021299306-2350630999-2698318419-1000\$RT3K9K0.exe"
sh=D12F2B7B95F3EB52E57E5E034F4315F4716670FF ft=1 fh=fa0e3acfd523f7f9 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="D:\Eigene Dateien\Desktop\ccsetup415.exe"
sh=CE43AAEFE5B9BCF0F473564AD1166917DE5302F4 ft=1 fh=a75bd147ccbd3f31 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\IZArcSetup.exe"
sh=098F4066A40AF797BDA246C728AAAEF43F89EA9A ft=1 fh=5778f3e6909b2610 vn="Variante von Win32/SoftPulse.B evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\Setup.exe"
sh=37381F388BAE1EDBAC14E32FF3277F224AF74188 ft=1 fh=bc860133a238d9e1 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="D:\RECYCLER\S-1-5-21-1530681414-4089734834-1868193609-1006\Dd2\avira_free_antivirus_de.exe"
Continuation:
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 09.07.2014 Suchlauf-Zeit: 15:09:50 Logdatei: Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.09.03 Rootkit Datenbank: v2014.07.07.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Hans Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 246903 Verstrichene Zeit: 17 Min, 20 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 7 PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [7f37e6b67cffd85ec084c88838cab947], PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SupraSavingsService, In Quarantäne, [7c3aff9d5328e1556c1cac6631d3f808], PUP.Optional.CouponDownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Coupon Downloader, In Quarantäne, [5e58c3d987f49a9cb75c2a9c6b979c64], PUP.Optional.HQPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQPro-2, In Quarantäne, [348235674c2f82b44083f3ca3ac81ae6], PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [c1f5b1eb493241f58be5a02d51b18d73], PUP.Optional.HQPro.A, HKU\S-1-5-21-4021299306-2350630999-2698318419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQPro-2, In Quarantäne, [ddd9b5e7ccaf54e29f24eecf857db14f], PUP.Optional.SuperFish.A, 
HKU\S-1-5-21-4021299306-2350630999-2698318419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, In Quarantäne, [d9dd722a45369e98e58f17a1a65c55ab], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 2 PUP.Optional.AdPeak.A, C:\temp, In Quarantäne, [fdb97626abd0999d16d959649e64d22e], PUP.Optional.HQPro.A, C:\Program Files\HQPro-2, In Quarantäne, [e0d6603c93e81b1bba53dad6b64c43bd], Dateien: 37 PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$R582F72.exe, In Quarantäne, [981e4359fc7fe84e7261bad04db4c33d], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$R13BB7B.exe, In Quarantäne, [5f574b513b40d3630bc834561fe204fc], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RNLHD5T.exe, In Quarantäne, [0da90f8d7ffc5dd909caf7937b8657a9], PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RO3OG9T.exe, In Quarantäne, [9125d5c7a0dbe5511e0db78937c9926e], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RPIP9HA.exe, In Quarantäne, [c3f35943ceadc3731cb7e9a1ea178878], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RSMWYSZ.dll, In Quarantäne, [f5c1ecb07ffcf4422ea5ff8bc73acb35], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RV63YYC.exe, In Quarantäne, [6056148886f5f145e4efd6b4be439b65], PUP.Optional.HQPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$RX1YVWJ.exe, In Quarantäne, [e8cee1bb3546270f9e3592f8b54cc33d], PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$R1R4WZM.3\utils.exe, In Quarantäne, [4076f8a4e596c27450aaeb54ba46cb35], PUP.Optional.HQVideoPro.A, 
C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$ROGBN4U.9\6502893c-981f-40c9-acb5-39f9a7cc5219-3.exe, In Quarantäne, [e0d6237996e51e187a260f5938c930d0], PUP.Optional.HQVideoPro.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$ROGBN4U.9\6502893c-981f-40c9-acb5-39f9a7cc5219-4.exe, In Quarantäne, [3a7c86165c1fa492d1cf68000df447b9], PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-4021299306-2350630999-2698318419-1000\$ROGBN4U.9\utils.exe, In Quarantäne, [ab0b306cfd7e4beba18ab58bea16d62a], PUP.Optional.AdPeak.A, C:\temp\InstallFilter32.msi, In Quarantäne, [892dbfdde7941a1c7615c677a25e916f], PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [5c5ae9b3c2b902340ba0fc83f90b817f], PUP.Optional.Conduit.A, C:\Users\Hans\AppData\Local\Temp\spidentifierimpl.exe, In Quarantäne, [179f920aabd0f640b083a5e5e31e4eb2], PUP.Optional.SearchProtect.A, C:\Users\Hans\AppData\Local\Temp\spstub.exe, In Quarantäne, [83333d5fa9d286b0ddd75631b74a43bd], PUP.Optional.Conduit.A, C:\Users\Hans\AppData\Local\Temp\dlLogic.exe, In Quarantäne, [b402eeae265565d1ccff75cdcb3525db], PUP.Optional.RegCleanerPro, C:\Users\Hans\AppData\Local\Temp\RegClean6.exe, In Quarantäne, [5c5a861693e8ad89732d48c923de9c64], PUP.Optional.ScramblePacker.A, C:\Users\Hans\AppData\Local\Temp\n105\HQVideo-DEInstaller.exe, In Quarantäne, [9224d1cb0b703600dd96aee0ae53926e], PUP.Optional.ScramblePacker.A, C:\Users\Hans\AppData\Local\Temp\n105\PlusHD-DEInstaller.exe, In Quarantäne, [b4024656cdaeab8bb6bd642ac33ef50b], PUP.Optional.BundleInstaller.A, C:\Users\Hans\AppData\Local\Temp\n105\s105.exe, In Quarantäne, [91258c10285372c47d6fc9787d832bd5], PUP.Optional.Wajam.A, C:\Users\Hans\AppData\Local\Temp\n105\wajam_2207-6c14163c.exe, In Quarantäne, [4d69514b651637ff33d41b2ccc34768a], PUP.Optional.Iminent.A, C:\Users\Hans\AppData\Local\Temp\n169\Iminent_1712-b2fcad5e.exe, In Quarantäne, [efc7831902791e186e4aef5b4fb232ce], PUP.Optional.BundleInstaller.A, 
C:\Users\Hans\AppData\Local\Temp\n169\s169.exe, In Quarantäne, [2f87f5a75427ce686c806dd4926edd23], Trojan.Agent.Gen, C:\Users\Hans\AppData\Local\Temp\n169\saveclicker_2204-148267c0.exe, In Quarantäne, [7343ddbf0d6ef14561c04a3e13ee53ad], PUP.Optional.SupraSavings.A, C:\Users\Hans\AppData\Local\Temp\n169\suprasavings_2703-e3e04064.exe, In Quarantäne, [ebcbd6c6691281b583a77cc8b151a55b], PUP.Optional.ScramblePacker.A, C:\Users\Hans\AppData\Local\Temp\n177\HQVideo-DEInstaller.exe, In Quarantäne, [11a5ddbf641750e6254e444a40c1f808], PUP.Optional.ScramblePacker.A, C:\Users\Hans\AppData\Local\Temp\n177\PlusHD-DEInstaller.exe, In Quarantäne, [8531b3e9c2b986b08be8fd9134cdff01], PUP.Optional.BundleInstaller.A, C:\Users\Hans\AppData\Local\Temp\n177\s177.exe, In Quarantäne, [fbbbe9b3eb9066d0d01cba87f10f01ff], PUP.Optional.Wajam.A, C:\Users\Hans\AppData\Local\Temp\n177\wajam_2207-6c14163c.exe, In Quarantäne, [cde97329a7d469cd9473ba8d0cf45da3], PUP.Optional.ScramblePacker.A, C:\Users\Hans\AppData\Local\Temp\n1777\hqvideo_2305_DE-ae66e49a.exe, In Quarantäne, [2b8bb1eb1566e94dd79cace255ac0000], PUP.Optional.BundleInstaller.A, C:\Users\Hans\AppData\Local\Temp\n1777\s1777.exe, In Quarantäne, [0ea8653783f8cd69cb218ab7f8082ad6], PUP.Optional.SearchProtect.A, C:\Users\Hans\AppData\Local\Temp\n1777\searchprotect_1905-cf354e70.exe, In Quarantäne, [ac0a18840c6f48ee872da7e03dc4a957], PUP.Optional.SupraSavings, C:\Windows\Temp\19A6D51C-2D35-44DB-B412-0B01BF8D2D62n.exe, In Quarantäne, [6c4ad5c7b2c9e84e7feb92fbe71d55ab], PUP.Optional.AdPeak.A, C:\temp\lsp2.log, In Quarantäne, [fdb97626abd0999d16d959649e64d22e], PUP.Optional.AdPeak.A, C:\temp\t.txt, In Quarantäne, [fdb97626abd0999d16d959649e64d22e], PUP.Optional.SupraSavings.A, C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService.exe, In Quarantäne, [7c3aff9d5328e1556c1cac6631d3f808], Physische Sektoren: 0 (No malicious items detected) (end) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-07-2014 Ran by Hans (administrator) on HANS-MEDION on 09-07-2014 18:12:52 Running from D:\Eigene Dateien\Desktop Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AGRSMMSG] => C:\Windows\AGRSMMSG.exe [88203 2005-08-24] (Agere Systems) HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] () HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron) HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe" HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.) HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] () HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.) 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\MountPoints2: {129610de-c67e-11e3-b5b0-000ae4adec73} - F:\SETUP.EXE HKU\S-1-5-21-4021299306-2350630999-2698318419-1000\...\MountPoints2: {71b9afaf-c672-11e3-864f-0010c68131f6} - G:\SETUP.EXE ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2A486E3885ACF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM - DefaultScope value is missing. Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default FF SelectedSearchEngine: StartWeb FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\udgpk67t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-18] ========================== Services (Whitelisted) ================= R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation) R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== S3 ATSWPDRV; C:\Windows\System32\Drivers\ATSwpDrv.sys [107890 2005-01-07] (AuthenTec, Inc.) 
S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [152576 2014-04-18] (SysProgs.org) [File not signed] R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed] S3 iaStorA; C:\Windows\system32\drivers\iaStorA.sys [489968 2013-07-02] (Intel Corporation) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24048 2013-07-02] (Intel Corporation) S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [583664 2013-07-02] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation) R1 netfilter; C:\Windows\System32\drivers\netfilter.sys [31744 2014-07-08] (NetFilterSDK.com) [File not signed] R3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2595840 2007-03-07] (Intel® Corporation) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) S1 mailKmd; No ImagePath S1 MpKsld654fe0b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C21B1C9F-4324-4E86-BCE0-317DF2EEE7DD}\MpKsld654fe0b.sys [X] S1 netfilter2; system32\drivers\netfilter2.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-09 18:01 - 2014-07-09 18:01 - 00000980 _____ () C:\Users\Public\Desktop\WinMerge.lnk 2014-07-09 18:00 - 2014-07-09 18:01 - 00000000 ____D () C:\Program Files\WinMerge 2014-07-09 16:15 - 2014-07-09 16:15 - 00000000 ____D () C:\Program Files\ESET 2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\Windows\ERUNT 2014-07-09 15:08 - 2014-07-09 15:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 15:08 - 2014-07-09 15:08 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 15:07 - 2014-07-09 15:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-07-09 15:07 - 2014-07-09 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 
2014-07-09 15:07 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-09 15:07 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-09 15:07 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-09 14:42 - 2014-07-09 14:44 - 00000000 ____D () C:\AdwCleaner 2014-07-09 13:57 - 2014-07-09 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-07-09 13:37 - 2014-07-09 18:13 - 00000000 ____D () C:\FRST 2014-07-09 12:25 - 2014-07-09 12:25 - 00001087 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\Program Files\Runtime Software 2014-07-09 11:47 - 2014-07-09 11:47 - 00000000 ____D () C:\Windows\pss 2014-07-08 20:34 - 2014-07-08 20:34 - 00031744 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter.sys 2014-07-03 17:11 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-03 17:11 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-03 17:11 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-03 17:10 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-03 17:10 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-03 17:10 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-03 17:10 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-03 17:10 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-03 17:10 - 2014-05-30 10:06 - 
00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-03 17:10 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-03 17:10 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-03 17:10 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-03 17:09 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-03 17:09 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-03 17:09 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-03 17:09 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-03 17:09 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-03 17:09 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-03 17:09 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-03 17:09 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-03 17:09 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-03 17:09 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-03 17:08 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-03 17:08 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-03 17:08 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-03 17:08 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-03 17:08 - 
2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-03 17:08 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-03 17:07 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-07-03 17:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-07-03 17:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-27 18:26 - 2014-06-27 18:26 - 00000000 ____D () C:\ProgramData\ATI 2014-06-27 18:25 - 2014-07-09 15:32 - 00000000 ____D () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62 2014-06-16 17:48 - 2014-07-03 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-16 17:47 - 2014-07-07 19:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-06-16 17:30 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-16 17:30 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-16 17:30 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-16 17:26 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-16 17:26 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-16 17:25 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 15:24 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-12 15:24 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-06-12 15:18 - 2014-07-09 12:34 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Games 2014-06-11 18:02 - 2014-06-11 18:02 - 00000000 
____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in ==================== One Month Modified Files and Folders ======= 2014-07-09 18:13 - 2014-07-09 13:37 - 00000000 ____D () C:\FRST 2014-07-09 18:06 - 2014-04-17 22:49 - 02003532 _____ () C:\Windows\WindowsUpdate.log 2014-07-09 18:01 - 2014-07-09 18:01 - 00000980 _____ () C:\Users\Public\Desktop\WinMerge.lnk 2014-07-09 18:01 - 2014-07-09 18:00 - 00000000 ____D () C:\Program Files\WinMerge 2014-07-09 17:35 - 2014-04-18 16:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-09 16:15 - 2014-07-09 16:15 - 00000000 ____D () C:\Program Files\ESET 2014-07-09 15:42 - 2009-07-14 06:34 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-09 15:42 - 2009-07-14 06:34 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\Windows\ERUNT 2014-07-09 15:34 - 2010-11-20 23:48 - 00034044 _____ () C:\Windows\PFRO.log 2014-07-09 15:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-09 15:34 - 2009-07-14 06:39 - 00027631 _____ () C:\Windows\setupact.log 2014-07-09 15:32 - 2014-06-27 18:25 - 00000000 ____D () C:\Program Files\19A6D51C-2D35-44DB-B412-0B01BF8D2D62 2014-07-09 15:09 - 2014-07-09 15:08 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 15:08 - 2014-07-09 15:08 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 15:08 - 2014-07-09 15:07 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-07-09 15:07 - 2014-07-09 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-09 14:45 - 2014-04-18 00:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-07-09 14:45 - 2014-04-18 00:06 - 00000000 ____D () C:\Program Files\Mozilla 
Firefox
2014-07-09 14:44 - 2014-07-09 14:42 - 00000000 ____D () C:\AdwCleaner
2014-07-09 13:57 - 2014-07-09 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-09 12:34 - 2014-06-12 15:18 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Games
2014-07-09 12:25 - 2014-07-09 12:25 - 00001087 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk
2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2014-07-09 12:25 - 2014-07-09 12:25 - 00000000 ____D () C:\Program Files\Runtime Software
2014-07-09 12:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 11:47 - 2014-07-09 11:47 - 00000000 ____D () C:\Windows\pss
2014-07-09 11:38 - 2014-04-18 16:16 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 11:38 - 2014-04-18 16:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 11:10 - 2010-11-20 23:01 - 01628312 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 20:34 - 2014-07-08 20:34 - 00031744 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter.sys
2014-07-07 20:00 - 2014-05-16 16:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-07 19:42 - 2014-06-16 17:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-03 16:48 - 2014-04-17 23:43 - 00000000 ____D () C:\Users\Hans\AppData\Local\Microsoft Help
2014-07-03 16:43 - 2014-06-16 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-27 18:26 - 2014-06-27 18:26 - 00000000 ____D () C:\ProgramData\ATI
2014-06-27 18:24 - 2014-04-17 22:56 - 00000000 ____D () C:\Users\Hans
2014-06-27 18:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-06-27 18:22 - 2014-04-18 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-06-27 18:22 - 2014-04-18 00:39 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-27 18:22 - 2014-04-18 00:39 - 00000000 ____D () C:\Program Files\ATI
2014-06-27 18:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-06-27 18:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-27 18:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-06-20 11:23 - 2014-04-17 22:56 - 00000000 ____D () C:\Users\Hans\AppData\Local\VirtualStore
2014-06-16 18:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-16 17:02 - 2014-04-17 23:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-16 17:00 - 2014-04-18 00:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-16 16:57 - 2014-04-18 00:05 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 18:02 - 2014-06-11 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-06-11 18:02 - 2014-04-17 23:42 - 00000000 ____D () C:\Program Files\Microsoft Office

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-16 18:07

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-07-2014
Ran by Hans at 2014-07-09 18:14:43
Running from D:\Eigene Dateien\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{A7CEEA0B-19F6-1D77-972A-E0CFE6D8857E}) (Version: 3.0.694.0 - ATI Technologies, Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2008.0923.2139.36956 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0923.2139.36956 - ATI Technologies, Inc.) Hidden
CCC Help English (Version: 2008.0923.2138.36956 - ATI) Hidden
ccc-core-static (Version: 2008.0923.2139.36956 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0923.2139.36956 - ATI) Hidden
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DriveImage XML (Private Edition) (HKLM\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Google Update Helper (Version: 1.3.25.0 - Google Inc.) Hidden
IZArc 4.1.7 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev)
Launch Manager V1.3.6 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.3.6 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skins (Version: 2008.0923.2139.36956 - ATI) Hidden
T-Online 6.0 (HKLM\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
WinMerge 2.14.0 (HKLM\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
World of Warcraft FREE Trial (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Restore Points =========================

03-07-2014 14:32:22 Windows Update
07-07-2014 17:47:41 Windows Update
09-07-2014 12:02:11 Revo Uninstaller's restore point - Advanced System Protector
09-07-2014 12:07:48 Revo Uninstaller's restore point - Genesis
09-07-2014 12:10:09 Revo Uninstaller's restore point - HQ-Video-Pro-1.9
09-07-2014 12:15:16 Revo Uninstaller's restore point - HQPro-2
09-07-2014 12:19:11 Revo Uninstaller's restore point - Iminent
09-07-2014 12:22:10 Revo Uninstaller's restore point - Installer
09-07-2014 12:24:36 Revo Uninstaller's restore point - MyPC Backup
09-07-2014 12:26:49 Revo Uninstaller's restore point - RegClean Pro
09-07-2014 12:31:04 Revo Uninstaller's restore point - suprasavings
09-07-2014 12:33:17 Revo Uninstaller's restore point - ViewPassword
09-07-2014 12:35:28 Revo Uninstaller's restore point - Wajam
09-07-2014 12:38:26 Revo Uninstaller's restore point - PlusHD-V1.3

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3D9F02CF-A795-47FC-B09F-2710DD51CF79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {52D03AAD-3820-4A21-BC39-7279F7845DBA} - System32\Tasks\System Speedup => C:\Program Files\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-18 00:37 - 2012-07-20 14:42 - 00652800 _____ () C:\Program Files\IZArc\IZArcCM.dll

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: SProtection => 2
MSCONFIG\Services: SupraSavingsService => 2
MSCONFIG\Services: xmkysecqun32 => 2
MSCONFIG\startupfolder: C:^Users^Hans^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Hans^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^prtvfh.lnk => C:\Windows\pss\prtvfh.lnk.Startup
MSCONFIG\startupreg: prtvfh => "c:\users\hans\appdata\local\prtvfh.exe" /r

==================== Faulty Device Manager Devices =============

Name: MpKsld654fe0b
Description: MpKsld654fe0b
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsld654fe0b
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 1022.49 MB
Available physical RAM: 465.12 MB
Total Pagefile: 2046.49 MB
Available Pagefile: 1157.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.09 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:47.28 GB) (Free:29.26 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:45.85 GB) (Free:30.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93 GB) (Disk ID: A28BA28B)
Partition 1: (Active) - (Size=47 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=24 MB) - (Type=12)

==================== End Of Log ============================ |
09.07.2014, 18:18 | #2 |
/// the machine /// TB Trainer | Win 7 (32): Laptop barely usable; Iminent & Co. Hi,
looks good. Delete the ESET findings manually, clear the temp files, but the rest looks good. |
09.07.2014, 18:32 | #3 |
| Win 7 (32): Laptop barely usable; Iminent & Co. Hello Schrauber,
that was quick - thanks. The leftovers will be deleted. With that I'll say goodbye again already - until next time. Enjoy the rest of the football evening ... Riddle |
10.07.2014, 14:53 | #4 |
/// the machine /// TB Trainer | Win 7 (32): Laptop barely usable; Iminent & Co. You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |