| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7: USB-Stick zeigt nur noch Verknüpfungen anWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.08.2014, 09:03
| #1 |
| |  Windows 7: USB-Stick zeigt nur noch Verknüpfungen an Hallo, ich versuche mein Problem zu schildern. Ich habe einige Dateien auf einen USB-Stick geladen und wollte am Copy-Shop etwas ausdrucken. Dies hat auch problemlos funktioniert. Danach habe ich den Stick wieder in meinen Laptop gesteckt und musste feststellen, dass alle Dateien (auch die Dateien, die schon ein paar Wochen zuvor darauf gespeichert wurden), eine Verknüpfung haben. Jedoch konnte ich die Dateien öffnen. Beim Öffenen erschien ganz kurz ein schwarzes Fenster mit: Microsoft <R< Windows Script Host, Version 5.8 Copyright <C> Microsoft Corporation 1996-2001. Alle Reche vorbehalten ). Ob das was zu bedeuten hat, weiß ich nicht. Vorher war dies auf jeden Fall nicht so. Da ich meine Bachelorarbeit (bin bald fertig) unbedingt noch auf einen anderen USB-Stick speichern wollte, habe ich dies heute morgen getan. Doch der Stick ist nun auch infiziert. Auch hier werden die Datein als Verknüpfung angezeigt. Ich habe beide Sticks danach komplett gelöscht und formatiert. Danach habe ich wieder eine Datei auf den Stick geladen, doch wieder wurde nur eine Verknüpfung angezeigt. Ich habe meine Bachelorarbeit und alle dazugehörigen Dateien jetzt in der Dropbox hochgeladen und in meinem googlemail-Konto gespeichert. (ich hoffe das war kein Fehler). Einen dritten USB-Stick werde ich natürlich nicht verwenden. Ich bin hier neu und habe sehr Ahnung von der Materie. Ich hoffe ich konnte das Problem genau genug schildern. Mein Antivirus hat überigens nichts gefunden. Allerdings hat das Wohnheim mir eine Mail geschickt, dass es einen Virus gibt. Die können diesen aber nicht identifizieren. Ich hoffe ihr könnt mir weiterhelfen. Beste Grüße Jonas |
|
26.08.2014, 09:28
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: USB-Stick zeigt nur noch Verknüpfungen an hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
26.08.2014, 10:05
| #3 |
| | Windows 7: USB-Stick zeigt nur noch Verknüpfungen an Sehr nett, dass du dich so schnell gemeldet hast. Ich habe jetzt die zwei Dokumente auf meinem Desktop (nach dem Scan). Habe auch auf den Hashtag geklickt, dann kam aber nur [Code]. Hab dann einfach den Inhalt da rein gepostet. Ist das so richtig?
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-08-2014
Ran by Jonas (administrator) on JONAS-PC on 26-08-2014 10:56:52
Running from C:\Users\Jonas\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe
() C:\Windows\System32\dmwu.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files\CyberLink\YouCam\YouCamTray.exe
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Spotify Ltd) C:\Users\Jonas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Smartbar) C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
() C:\Windows\System32\mjcm\dnkt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8423968 2010-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [678432 2010-01-12] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM\...\Run: [LMgrOSD] => "C:\Program Files\Launch Manager\OSDCtrl.exe"
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [YouCam Mirror Tray icon] => C:\Program Files\CyberLink\YouCam\YouCamTray.exe [167008 2009-10-19] (CyberLink Corp.)
HKLM\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe [1411720 2010-03-29] (T-Systems International GmbH)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DATAMNGR] => C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
HKLM\...\Run: [IR_SERVER] => C:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-06] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [rdaorjxlah] => wscript.exe //B "C:\Users\Jonas\AppData\Local\Temp\rdaorjxlah..vbs" <===== ATTENTION
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-19] (Spotify Ltd)
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar)
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\Run: [rdaorjxlah] => wscript.exe //B "C:\Users\Jonas\AppData\Local\Temp\rdaorjxlah..vbs" <===== ATTENTION
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\MountPoints2: {6fa3e201-dcad-11e2-a75a-001f163983d6} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\MountPoints2: {add8a670-5489-11e3-8b41-001f163983d6} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\MountPoints2: {e2a38e21-c1e5-11e0-9351-806e6f6e6963} - G:\LBA2.exe
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\MountPoints2: {fde47640-ae7d-11e3-ad5d-806e6f6e6963} - F:\SETUP.EXE -autorun
HKU\S-1-5-21-1356693128-270669771-2345369144-1001\...\MountPoints2: {fed3b98c-bee2-11e1-aa6d-001f163983d6} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rdaorjxlah..vbs ()
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhdgx3Or7R1NqXkwgJcxGVxcduRXjNSj8ek9VJbjx0Z2JFktQQI3qhzkKGRq8PEz9fYPmfN6JN3hHmv9WXckEzuXAoBSBPGjNy-gw,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1396447079&from=smt&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH0AB9P5831P5831
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhRxXUP2d9n7GFTY3ffL2bcgA_zwILU2Ckng1P_jZiYgWg1TmFDbzz8afDjFyGflRstBUptItCFYQJ9h0Ze_4wAogTWHPbe8p5sTQ,,&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&crg=3.1010000&st=23&st=23
BHO: V-bates -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> C:\Program Files\V-bates\Extension32.dll ()
BHO: Wincore Mediabar -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No File
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IE5BarLauncherBHO Class -> {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} -> C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DataMngr -> {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} -> C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL No File
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.16.1.1
FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default
FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhbkhkgUAJK6E0EQDl9iFP4q6eBPrV7-st9wLo5RJKcyMqwCe2CTqyKPWfKFW2ORqR7m15om5QeiXQysaVDcNMZX1ty91YVcpK3JQ,,
FF SearchEngineOrder.1: Search Results
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-WQ8iSIaqlN2Fg87L1-w5x5GKPkPki4aomNOshPuSqvGjuV_No-xNkks50Rv3JOhdgx3Or7R1NqXkwgJcxGVxcduRXjNSj8ek9VJbjx0Z2JFktQQI3qhzkKGRq8PEz9fYPmfN6JN3hHmv9WXckEzuXAoBSBPGjNy-gw,,
FF Keyword.URL: hxxp://mysearch.sweetpacks.com?src=6&barid=&crg=3.1010000&st=23&st=23&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jonas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\searchplugins\Sweetpacks Search.xml
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\abs@avira.com [2014-08-18]
FF Extension: No Name - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\OneClickDownload@OneClickDownload.com [2014-03-02]
FF Extension: Wincore Mediabar - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} [2012-04-11]
FF Extension: OneClickDownloader - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\OneClickDownload@OneClickDownload.com.xpi [2013-02-08]
FF Extension: Adblock Plus - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-23]
FF Extension: Adblock Edge - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-10-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-10-05]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wxqja5c0.default\extensions\quick_start@gmail.com
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-04-02]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-03-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx [2011-08-31]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2375984 2014-08-21] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [34072 2014-06-11] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2009-10-15] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-30] (TuneUp Software)
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-01-28] () [File not signed]
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-02] (Cherished Technololgy LIMITED) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2011-09-13] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG)
R3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-18] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2011-09-13] ()
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [42728 2011-06-13] (Realtek)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-03-18] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
U3 alr9dvc9; C:\Windows\system32\Drivers\alr9dvc9.sys [0 ] (Intel Corporation)
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
U3 navapsvc; No ImagePath
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
U2 wuaserv; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 10:56 - 2014-08-26 10:57 - 00029446 _____ () C:\Users\Jonas\Desktop\FRST.txt
2014-08-26 10:56 - 2014-08-26 10:57 - 00000000 ____D () C:\FRST
2014-08-26 10:55 - 2014-08-26 10:55 - 02103296 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-08-26 10:54 - 2014-08-26 10:54 - 01095168 _____ (Farbar) C:\Users\Jonas\Desktop\FRST.exe
2014-08-25 15:59 - 2014-08-25 15:59 - 00000000 ____D () C:\Users\Jonas\AppData\Local\SWDS
2014-08-22 23:06 - 2014-08-22 23:09 - 00369768 _____ () C:\Windows\Minidump\082214-55879-01.dmp
2014-08-19 08:51 - 2014-08-19 08:51 - 00000000 ____D () C:\Users\Jonas\Documents\2014-08-19 Stefan Versicherung
2014-08-14 12:38 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 12:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 12:38 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 12:38 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 12:31 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 12:31 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 12:31 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 12:31 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 12:31 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 12:31 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 12:31 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 12:31 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 12:31 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 12:31 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 12:31 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 12:31 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 12:31 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 12:31 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 12:31 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 12:31 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 12:31 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 12:31 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-14 12:31 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 12:30 - 2014-08-07 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 12:30 - 2014-08-07 03:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 12:30 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 12:30 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 12:30 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 12:30 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 12:30 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 12:30 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 12:30 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 12:30 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 12:30 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 12:30 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 12:30 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 12:30 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 12:30 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 12:30 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 12:30 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 12:30 - 2014-07-16 04:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 12:30 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 12:30 - 2014-07-16 03:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 12:30 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 12:30 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 12:30 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 12:30 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 12:30 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 12:30 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 12:30 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 12:30 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 12:30 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 12:30 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 12:30 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 08:50 - 2014-08-14 10:16 - 00000000 ____D () C:\Users\Jonas\AppData\Local\Adobe
2014-08-12 21:10 - 2014-08-12 21:10 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-08 15:06 - 2014-08-08 15:06 - 00000000 ____D () C:\VWLUPO
2014-08-08 15:06 - 2014-08-08 15:06 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VW Lupo-Cup
2014-08-06 11:15 - 2014-08-19 15:03 - 00001099 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 11:14 - 2014-08-19 15:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-31 08:26 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 08:26 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 08:26 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 08:26 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 08:25 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 08:25 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 08:25 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 08:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 08:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 10:57 - 2014-08-26 10:56 - 00029446 _____ () C:\Users\Jonas\Desktop\FRST.txt
2014-08-26 10:57 - 2014-08-26 10:56 - 00000000 ____D () C:\FRST
2014-08-26 10:55 - 2014-08-26 10:55 - 02103296 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2014-08-26 10:54 - 2014-08-26 10:54 - 01095168 _____ (Farbar) C:\Users\Jonas\Desktop\FRST.exe
2014-08-26 10:54 - 2012-07-17 09:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 09:46 - 2011-07-02 17:02 - 02004288 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 09:44 - 2010-05-03 11:46 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 09:20 - 2011-09-03 00:10 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001UA.job
2014-08-26 09:07 - 2011-07-26 11:22 - 00000000 ___RD () C:\Users\Jonas\Dropbox
2014-08-26 08:57 - 2014-02-21 13:40 - 00000000 ____D () C:\Users\Jonas\Documents\Bachelorarbeit
2014-08-26 07:29 - 2009-07-14 06:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 07:29 - 2009-07-14 06:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 07:21 - 2011-07-26 11:21 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Dropbox
2014-08-26 07:19 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 07:19 - 2009-07-14 06:39 - 00247125 _____ () C:\Windows\setupact.log
2014-08-25 22:02 - 2011-07-04 12:09 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Skype
2014-08-25 20:32 - 2009-07-14 06:33 - 00457304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 15:59 - 2014-08-25 15:59 - 00000000 ____D () C:\Users\Jonas\AppData\Local\SWDS
2014-08-25 15:59 - 2014-06-23 10:35 - 00000000 ____D () C:\Windows\system32\mjcm
2014-08-25 15:59 - 2013-06-02 10:15 - 00000000 ____D () C:\Windows\system32\WNLT
2014-08-25 15:59 - 2013-06-02 10:15 - 00000000 ____D () C:\Windows\system32\ARFC
2014-08-25 14:53 - 2014-05-28 12:24 - 00000000 ____D () C:\Users\Jonas\Documents\Master
2014-08-22 23:09 - 2014-08-22 23:06 - 00369768 _____ () C:\Windows\Minidump\082214-55879-01.dmp
2014-08-22 23:06 - 2011-07-23 19:04 - 359889109 _____ () C:\Windows\MEMORY.DMP
2014-08-22 23:06 - 2011-07-23 19:04 - 00000000 ____D () C:\Windows\Minidump
2014-08-21 11:53 - 2014-06-26 16:32 - 02375984 _____ () C:\Windows\system32\dmwu.exe
2014-08-21 11:47 - 2013-06-02 10:15 - 00027136 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-08-19 18:10 - 2011-07-25 00:18 - 00000000 ____D () C:\Users\Jonas\AppData\Local\CrashDumps
2014-08-19 15:03 - 2014-08-06 11:15 - 00001099 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:03 - 2014-08-06 11:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:03 - 2014-03-02 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:03 - 2014-03-02 23:24 - 00000000 ____D () C:\Program Files\Avira
2014-08-19 08:51 - 2014-08-19 08:51 - 00000000 ____D () C:\Users\Jonas\Documents\2014-08-19 Stefan Versicherung
2014-08-14 15:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-08-14 13:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 12:51 - 2010-05-03 12:08 - 00938912 _____ () C:\Windows\PFRO.log
2014-08-14 12:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 12:49 - 2014-05-06 14:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 12:47 - 2010-05-03 13:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 12:45 - 2013-08-06 08:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 12:41 - 2010-05-03 14:06 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 10:16 - 2014-08-14 08:50 - 00000000 ____D () C:\Users\Jonas\AppData\Local\Adobe
2014-08-14 08:54 - 2011-07-26 11:22 - 00001021 _____ () C:\Users\Jonas\Desktop\Dropbox.lnk
2014-08-14 08:54 - 2011-07-26 11:21 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 00:29 - 2011-09-03 00:10 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001Core.job
2014-08-13 18:56 - 2012-05-03 14:45 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-08-13 18:56 - 2011-07-02 18:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-08-12 21:10 - 2014-08-12 21:10 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-12 21:10 - 2011-07-04 12:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 15:06 - 2014-08-08 15:06 - 00000000 ____D () C:\VWLUPO
2014-08-08 15:06 - 2014-08-08 15:06 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VW Lupo-Cup
2014-08-08 15:05 - 2014-03-18 11:12 - 00000000 ____D () C:\Users\Jonas\Documents\Spiele
2014-08-07 23:27 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-07 03:43 - 2014-08-14 12:30 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:39 - 2014-08-14 12:30 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 11:15 - 2014-03-02 23:24 - 00000000 ____D () C:\ProgramData\Avira
2014-08-01 01:16 - 2014-08-14 12:31 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 21:46 - 2012-10-09 21:49 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\vlc
2014-07-31 20:55 - 2012-04-04 19:54 - 00000000 ____D () C:\Users\Jonas\Documents\Spanisch
Some content of TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\avgnt.exe
C:\Users\Jonas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjhjgey.dll
C:\Users\Jonas\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Jonas\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Jonas\AppData\Local\Temp\freddifishinstall.exe
C:\Users\Jonas\AppData\Local\Temp\ICReinstall_wm2014xxl_CB-DL-Manager.exe
C:\Users\Jonas\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jonas\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Jonas\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Jonas\AppData\Local\Temp\ose00000.exe
C:\Users\Jonas\AppData\Local\Temp\qms.exe
C:\Users\Jonas\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Jonas\AppData\Local\Temp\sdapskill.exe
C:\Users\Jonas\AppData\Local\Temp\sdaspwn.exe
C:\Users\Jonas\AppData\Local\Temp\sims_deluxe_patch.exe
C:\Users\Jonas\AppData\Local\Temp\smt_qone8_new.exe
C:\Users\Jonas\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Jonas\AppData\Local\Temp\v-bates.exe
C:\Users\Jonas\AppData\Local\Temp\wm2014xxl.exe
C:\Users\Jonas\AppData\Local\Temp\WZCPlugin_VISTA.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 09:02
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:26-08-2014
Ran by Jonas at 2014-08-26 10:58:02
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
1ClickDownloader (HKLM\...\1ClickDownload) (Version: 2.7 Build 26473 - 1ClickDownload) <==== ATTENTION
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
ArcSoft TotalMedia 3.5 (HKLM\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.388 - ArcSoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.17 - Atheros Communications Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - )
Avira (HKLM\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bing Bar (HKLM\...\{F6A6DFF9-F71C-4BA6-B437-F18872866D3D}) (Version: 7.0.791.0 - Microsoft Corporation)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2411 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.2411 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3415 - CyberLink Corp.)
CyberLink MediaShow (Version: 4.1.3415 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2326 - CyberLink Corp.)
CyberLink PowerDirector (Version: 8.0.2326 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD 9 (Version: 9.0.2010 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2326 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.2.2326 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2219 - CyberLink Corp.)
CyberLink YouCam (Version: 3.0.2219 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dojotech Spotify Recorder (HKLM\...\{461179FC-E2AC-4CC8-AA95-82D35FB3E7EA}) (Version: 3.3 - Dojotech Software)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FilesFrog Update Checker (HKLM\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
Free YouTube Download version 3.2.29.303 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.29.303 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
IB Updater Service (HKLM\...\WNLT) (Version: 5.1.3.1 - ) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager V1.5.0.8 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.8 - Wistron Corp.)
Little Big Adventure 2: Twinsen's Odyssey (c) Didier Chanfray SARL (HKLM\...\Little Big Adventure 2: Twinsen's Odyssey (c) Di~A97336CD_is1) (Version: 2 - )
LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.56.34 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
qone8 uninstaller (HKLM\...\qone8 uninstaller) (Version: - qone8) <==== ATTENTION
Radsport Manager 2004/2005 (HKLM\...\Cycling Manager 4) (Version: - )
REALTEK DTV USB DEVICE (HKLM\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6024 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0144 - REALTEK Semiconductor Corp.)
Roll (HKLM\...\RollerCoaster Tycoon Setup) (Version: - )
SecureW2 EAP Suite 1.1.3 for Windows (HKLM\...\SecureW2 EAP Suite) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SL-6555-SBK (HKLM\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version: - )
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Southstarco) <==== ATTENTION
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VOLKSWAGEN Lupo-Cup (HKLM\...\VWLUPO-Key) (Version: - )
Wincore MediaBar (HKLM\...\Wincore MediaBar) (Version: 3.0.0.122080 - iMesh Inc.) <==== ATTENTION
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Searchqu Toolbar (HKLM\...\Windows Searchqu Toolbar) (Version: 3.0.0.117623 - Bandoo Media Inc) <==== ATTENTION
WPM17.8.0.3442 (HKLM\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
Yahoo Community Smartbar (HKLM\...\{D62304BE-D5D3-4CCF-8973-123909491ADB}) (Version: 11.62.66.17712 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{176160c3-cfbe-4807-9e4f-f838778f808f}) (Version: 11.62.66.17712 - Linkury Inc.) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Jonas\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Jonas\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Jonas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356693128-270669771-2345369144-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-07-2014 10:23:24 Geplanter Prüfpunkt
23-07-2014 15:43:31 Geplanter Prüfpunkt
24-07-2014 07:17:22 Windows Update
31-07-2014 06:25:13 Windows Update
07-08-2014 22:36:51 Geplanter Prüfpunkt
14-08-2014 10:32:27 Windows Update
21-08-2014 14:06:02 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B350C69-E530-4B9E-B603-B85CE9F639EC} - System32\Tasks\{B2D36023-02F8-4904-A9C2-1561EA8D99E5} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {0D0E2F3E-553B-4F3D-8BD4-6AFD37E41332} - System32\Tasks\{D2E568AE-3FCD-41F8-9852-3764E1A65950} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {29635CC8-C6ED-4316-B018-6ACDCD1ADE05} - System32\Tasks\{BE6CB8F0-7122-4838-92BE-2D971F51E41B} => C:\Program Files\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {30A3D24A-3CE0-4A19-ADC6-E6AB12B1F602} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13] (Adobe Systems Incorporated)
Task: {3AAE1EEE-2E9D-4FFF-90F9-671E90903965} - System32\Tasks\{5E4A81A1-8DA2-48B5-8A3C-E10FD11695BB} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {71E63E32-24DD-4D84-9505-2A12334B5418} - System32\Tasks\{134BA40D-5A8E-42DD-A422-0C3416EDDE8F} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {7736B823-3F48-4B0A-8E38-2E9EDB120F28} - System32\Tasks\{887A0DC2-72E7-4EFB-A9E3-214D6CCD7B6F} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {A5162796-C7F9-4BC6-B764-F8AA4300B31E} - System32\Tasks\{5E538795-0DA3-4347-A123-63E9ADA05FCF} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {BE50FB11-D10B-4E4B-AD9C-F63042BD3B69} - System32\Tasks\{EAB259EC-F1A2-4C9F-B808-17457DAEC287} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsMain
Task: {ED35E530-D36C-4282-8AEC-55FF6278E741} - System32\Tasks\{1FA9B9E6-68C0-4391-A514-AA79595004DC} => C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon\rct.exe [1999-05-29] ()
Task: {EFA104C3-2C68-423B-A518-0FF42C3D0691} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001UA => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FCF670F8-DB82-4468-B706-E4A1BDC83334} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe
Task: {FDED95C5-65DB-49CE-AE4B-F459651BAB33} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001Core => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001Core.job => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356693128-270669771-2345369144-1001UA.job => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-26 16:32 - 2014-08-21 11:53 - 02375984 _____ () C:\Windows\system32\dmwu.exe
2009-11-02 14:20 - 2009-11-02 14:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 14:23 - 2009-11-02 14:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2011-08-31 20:13 - 2011-08-31 20:13 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-08-06 11:15 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Jonas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00045848 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00070936 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00166680 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 02337048 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00067864 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00156440 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00015128 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00066840 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00697624 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00015640 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00079640 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00027928 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00060184 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00030488 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00066328 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00150296 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00032024 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00031512 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00039704 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00046872 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 14:12 - 2014-06-11 14:12 - 00024856 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00062744 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00025880 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 14:11 - 2014-06-11 14:11 - 00044312 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 14:03 - 2014-06-11 14:03 - 00025880 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00036120 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 14:13 - 2014-06-11 14:13 - 00256280 _____ () C:\Users\Jonas\AppData\Local\Smartbar\Application\srns.dll
2012-10-08 18:27 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files\ArcSoft\TotalMedia 3.5\uPiApi.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2012-10-08 18:27 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll
2012-10-08 18:27 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll
2014-08-26 07:21 - 2014-08-26 07:21 - 00043008 _____ () c:\users\jonas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjhjgey.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Jonas\AppData\Roaming\Dropbox\bin\libcef.dll
2010-05-04 09:17 - 2009-10-15 20:49 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2013-08-30 10:51 - 2013-08-30 10:51 - 00501560 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-04-02 15:58 - 2014-01-28 14:06 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-21 11:53 - 2014-08-21 11:53 - 00730928 _____ () C:\Windows\System32\mjcm\dnkt.exe
2014-08-21 11:53 - 2014-08-21 11:53 - 01774896 _____ () C:\Windows\System32\mjcm\5131\nsib.dll
2010-05-03 11:53 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-23 00:51 - 2014-07-23 00:52 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-08-13 18:56 - 2014-08-13 18:56 - 17048240 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-05-08 13:22 - 2014-05-08 13:22 - 00105984 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Public\Desktop\Little Big Adventure 2: Twinsen's Odyssey.lnk
AlternateDataStreams: C:\Users\Public\Documents\000 VORLAGE NACHRICHTEN 000.doc:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Jonas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jonas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Jonas\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jonas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/22/2014 08:08:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1038
Startzeit: 01cfbddffcbff1fa
Endzeit: 67
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 49d81f50-2a27-11e4-a053-001f163983d6
Error: (08/22/2014 10:25:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: acc
Startzeit: 01cfbde238b6ac04
Endzeit: 10
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (08/19/2014 06:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1790
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/19/2014 10:34:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x16d8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/18/2014 01:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/18/2014 01:58:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17e0
Startzeit: 01cfbab95b1030da
Endzeit: 90
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 03133012-26cf-11e4-a32f-001f163983d6
Error: (08/15/2014 05:52:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1578
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/14/2014 00:46:33 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (08/14/2014 11:42:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2e48
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/13/2014 05:45:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002c2a7
ID des fehlerhaften Prozesses: 0x8f0
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
System errors:
=============
Error: (08/26/2014 09:37:45 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/26/2014 09:37:44 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/26/2014 09:37:43 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/26/2014 09:36:35 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR12 gefunden.
Error: (08/26/2014 09:36:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR12 gefunden.
Error: (08/26/2014 09:36:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR12 gefunden.
Error: (08/26/2014 09:36:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR12 gefunden.
Error: (08/26/2014 09:21:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR11 gefunden.
Error: (08/26/2014 09:21:12 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR11 gefunden.
Error: (08/26/2014 09:21:11 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR11 gefunden.
Microsoft Office Sessions:
=========================
Error: (08/13/2014 03:45:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5205 seconds with 1500 seconds of active time. This session ended with a crash.
Error: (07/28/2014 01:18:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9940 seconds with 4860 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-08-26 08:24:24.063
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-25 21:43:00.382
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-25 21:39:48.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-25 21:38:07.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-25 16:58:21.251
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-25 16:03:25.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-24 12:55:36.278
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-24 09:21:49.433
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-23 15:41:10.810
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-23 13:23:45.977
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\T-Home\Dialerschutz-Software\df.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 68%
Total physical RAM: 3254.54 MB
Available physical RAM: 1026.61 MB
Total Pagefile: 6507.36 MB
Available Pagefile: 3698.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.91 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:424.66 GB) (Free:168.19 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:4.54 GB) NTFS
Drive f: (Meine Dateien) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CB542439)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=424.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
|
|
27.08.2014, 10:00
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: USB-Stick zeigt nur noch Verknüpfungen an Adware & Co. deinstallieren
 Panda USB Vaccine Bitte lade Dir von hier Panda USB Vaccine herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: USB-Stick zeigt nur noch Verknüpfungen an |
| ahnung, anderen, antivirus, dateien, fehler, fenster, gelöscht, gen, heute, komplett, laptop, natürlich, neu, nichts, problem, problemlos, schwarzes, script, speichern, unbedingt, verknüpfungen am usb-stick, version, windows, windows 7, woche, wochen |
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
WARNUNG an die MITLESER: 
Linear-Darstellung
