![]() |
|
Plagegeister aller Art und deren Bekämpfung: acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() | #1 |
| ![]() acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht. Hallo! Beim Virenscan mit Avast kommt die Meldung über eine Bedrohung und zwar Win32:evo-gen in C:\windows\system32\drivers\acedrv01.sys. Wenn ich die empfohlene Aktion ausführe (in Virencontainer schieben, Datei löschen) und dann nach runterfahren des PCs erneut scanne ist die Datei immer noch da. Zudem funktioniert das CD Laufwerk nicht mehr, es erkennt die CDs nicht. Hier die Logs: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014 Ran by zuppy (administrator) on LAPTOP-ZUPPY on 04-09-2014 09:18:44 Running from C:\Users\zuppy\Downloads Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe () C:\Windows\System32\WLTRYSVC.EXE (Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe (IDT, Inc.) C:\Windows\System32\stacsv.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Creative Technology Ltd.) C:\Windows\OEM02Mon.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Dell Inc.) C:\Windows\System32\WLTRAY.EXE (Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Akamai Technologies, Inc.) C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe (Akamai Technologies, Inc.) C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation) HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-29] ( ) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-07] (Alps Electric Co., Ltd.) HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [1548288 2007-03-21] (Dell Inc.) HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation) HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( ) HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [189736 2007-11-01] (CyberLink Corp.) HKLM\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-08-14] (SupportSoft, Inc.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation) HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.) HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.) HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.) HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [622592 2007-02-06] (Brother Industries, Ltd.) HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-07] (IDT, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-08] (AVAST Software) HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKU\.DEFAULT\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-08-14] (SupportSoft, Inc.) HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation) HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [MsnMsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [Akamai NetSession Interface] => C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation) HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {16f2ba31-8bde-11e1-9be4-001d094fc2c5} - G:\LaunchU3.exe -a HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {2959ee1c-3444-11df-884a-001d094fc2c5} - F:\autorun.exe HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {a09b9b27-9157-11de-8d28-001f3a4c1991} - F:\AutoRun.exe HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {a09b9b55-9157-11de-8d28-001f3a4c1991} - G:\AutoRun.exe HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {f46ab122-0be1-11df-8784-001d094fc2c5} - G:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=FUJITSUXMHY2160BH_K431T832B28DT832B28DX&ts=1356443800 SearchScopes: HKCU - {715A3DAE-8345-4964-B73E-F3596DBA56C8} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=OSJ000&apn_uid=714CCA31-D6C6-489A-B82B-5FEF78C366F9&apn_sauid=985DA777-D9DA-4CE6-8BC2-474155BE940E BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-19] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-23] Chrome: ======= CHR CustomProfile: C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-17] CHR Extension: (Google Drive) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-17] CHR Extension: (YouTube) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19] CHR Extension: (Google-Suche) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19] CHR Extension: (avast! SafePrice) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-17] CHR Extension: (avast! Online Security) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-17] CHR Extension: (Google Wallet) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07] CHR Extension: (Google Mail) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-08] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-15] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software) R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [427376 2009-04-02] (Juniper Networks) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.) S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [File not signed] R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1724416 2007-03-21] (Dell Inc.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 acedrv01; C:\Windows\system32\drivers\acedrv01.sys [93696 2009-04-01] (ACE GmbH) [File not signed] R2 acedrv02; C:\Windows\system32\drivers\acedrv02.sys [97280 2009-04-01] (ACE GmbH) [File not signed] R2 acedrv04; C:\Windows\system32\drivers\acedrv04.sys [97280 2009-04-01] (Protect Software GmbH) [File not signed] R2 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [97792 2009-04-01] (Protect Software GmbH) [File not signed] R2 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [99840 2009-04-01] (Protect Software GmbH) [File not signed] R2 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [101376 2009-04-01] (Protect Software GmbH) [File not signed] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-15] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-15] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-15] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-15] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-15] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-15] () R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [23552 2009-04-02] (Juniper Networks) S3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [18912 2008-07-01] (Windows (R) Codename Longhorn DDK provider) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-12] (The OpenVPN Project) S2 adfs; No ImagePath S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-04 09:18 - 2014-09-04 09:19 - 00022369 _____ () C:\Users\zuppy\Downloads\FRST.txt 2014-09-04 09:18 - 2014-09-04 09:18 - 00000000 ____D () C:\FRST 2014-09-04 09:17 - 2014-09-04 09:18 - 01096704 _____ (Farbar) C:\Users\zuppy\Downloads\FRST.exe 2014-09-04 09:15 - 2014-09-04 09:15 - 00000472 _____ () C:\Users\zuppy\Downloads\defogger_disable.log 2014-09-04 09:15 - 2014-09-04 09:15 - 00000000 _____ () C:\Users\zuppy\defogger_reenable 2014-09-04 09:14 - 2014-09-04 09:14 - 00050477 _____ () C:\Users\zuppy\Downloads\Defogger.exe 2014-09-04 08:22 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-04 08:22 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-28 12:35 - 2014-08-28 12:35 - 00011740 _____ () C:\Users\zuppy\Downloads\Rechnung Svenja Hartwig (0013,14).xlsx 2014-08-18 14:38 - 2014-08-18 14:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Oracle 2014-08-18 14:36 - 2014-08-18 14:36 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-18 14:35 - 2014-08-18 14:34 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-18 14:35 - 2014-08-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-18 14:35 - 2014-08-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-18 14:35 - 2014-08-18 14:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-08-18 14:34 - 2014-08-18 14:34 - 00000000 ____D () C:\Program Files\Java 2014-08-17 21:07 - 2014-08-17 21:07 - 00067342 _____ () C:\Users\zuppy\Downloads\vietnam visum 2014-08-17 12:10 - 2014-08-17 12:10 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-17 12:10 - 2014-08-17 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-17 12:08 - 2014-09-04 09:13 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-17 12:08 - 2014-09-04 08:34 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Deployment 2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Apps\2.0 2014-08-17 11:55 - 2014-08-17 11:55 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\PDF Architect 2 2014-08-17 11:48 - 2014-08-17 11:48 - 00000784 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk 2014-08-17 11:48 - 2014-08-17 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 2014-08-17 11:47 - 2014-08-17 11:48 - 00000000 ____D () C:\Program Files\PDF Architect 2 2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\Users\zuppy\Documents\PDF Architect 2 2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2014-08-17 11:45 - 2014-08-17 11:51 - 00000000 ____D () C:\Program Files\PDFCreator 2014-08-17 11:45 - 2014-08-17 11:45 - 00000790 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\pdfforge 2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-08-17 11:45 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX 2014-08-17 11:45 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX 2014-08-17 11:45 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2014-08-17 11:45 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL 2014-08-17 11:45 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\system32\VB6DE.DLL 2014-08-17 11:45 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCDE.DLL 2014-08-17 11:45 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\MSCC2DE.DLL 2014-08-17 11:42 - 2014-08-17 11:43 - 27843432 _____ (pdfforge ) C:\Users\zuppy\Downloads\PDFCreator-1_7_3_setup.exe 2014-08-17 11:40 - 2014-08-17 11:40 - 00000000 _____ () C:\Users\zuppy\Downloads\SetupWordToPDF_237_v2.9.exe.28bypr0.partial 2014-08-17 11:37 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-17 11:37 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-17 11:37 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-17 11:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 15:12 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 15:12 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 15:12 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-08-14 15:12 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 15:12 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 15:12 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 15:12 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-08-14 15:12 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 15:11 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 15:11 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 15:11 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 15:11 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 15:11 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 15:11 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 15:11 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-14 15:11 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 15:11 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 15:11 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-14 15:11 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 15:11 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 15:11 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 15:11 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 15:11 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 15:11 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 15:11 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 15:11 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-14 15:11 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-14 15:11 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-14 15:11 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 14:46 - 2014-08-14 14:46 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-10 08:46 - 2014-08-10 08:46 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-10 08:46 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-10 08:45 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-04 09:19 - 2014-09-04 09:18 - 00022369 _____ () C:\Users\zuppy\Downloads\FRST.txt 2014-09-04 09:18 - 2014-09-04 09:18 - 00000000 ____D () C:\FRST 2014-09-04 09:18 - 2014-09-04 09:17 - 01096704 _____ (Farbar) C:\Users\zuppy\Downloads\FRST.exe 2014-09-04 09:16 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-04 09:16 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-04 09:15 - 2014-09-04 09:15 - 00000472 _____ () C:\Users\zuppy\Downloads\defogger_disable.log 2014-09-04 09:15 - 2014-09-04 09:15 - 00000000 _____ () C:\Users\zuppy\defogger_reenable 2014-09-04 09:15 - 2008-04-24 12:24 - 00000000 ____D () C:\Users\zuppy 2014-09-04 09:14 - 2014-09-04 09:14 - 00050477 _____ () C:\Users\zuppy\Downloads\Defogger.exe 2014-09-04 09:13 - 2014-08-17 12:08 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-04 09:10 - 2008-04-26 20:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Skype 2014-09-04 08:48 - 2008-04-21 18:30 - 01869918 _____ () C:\Windows\WindowsUpdate.log 2014-09-04 08:39 - 2012-04-11 10:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-04 08:34 - 2014-08-17 12:08 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-04 08:32 - 2009-01-15 14:45 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-09-04 08:32 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-04 08:32 - 2006-11-02 14:47 - 03736840 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-04 08:25 - 2006-11-02 15:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-03 19:08 - 2011-11-10 19:30 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Akamai 2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool 2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration 2014-09-03 19:08 - 2006-11-02 12:22 - 51118080 _____ () C:\Windows\system32\config\software_previous 2014-09-03 19:08 - 2006-11-02 12:22 - 34340864 _____ () C:\Windows\system32\config\system_previous 2014-09-03 18:57 - 2006-11-02 12:22 - 50331648 _____ () C:\Windows\system32\config\components_previous 2014-09-03 18:57 - 2006-11-02 12:22 - 00061440 _____ () C:\Windows\system32\config\sam_previous 2014-09-03 18:21 - 2014-01-23 18:55 - 00001893 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-09-03 18:21 - 2014-01-23 18:55 - 00001833 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk 2014-09-03 18:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\tracing 2014-08-29 12:49 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2014-08-29 12:49 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous 2014-08-28 17:18 - 2008-12-07 15:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\EndNote 2014-08-28 17:18 - 2008-05-09 16:58 - 00000000 ____D () C:\Users\zuppy\Documents\Bewerbungen und Briefe 2014-08-28 16:26 - 2014-07-07 19:01 - 00000000 ____D () C:\Users\zuppy\Desktop\Bewerbungskram 2014-08-28 12:35 - 2014-08-28 12:35 - 00011740 _____ () C:\Users\zuppy\Downloads\Rechnung Svenja Hartwig (0013,14).xlsx 2014-08-23 03:03 - 2014-09-04 08:22 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 01:26 - 2014-09-04 08:22 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-18 17:22 - 2013-05-31 14:30 - 00019456 _____ () C:\Users\zuppy\Documents\OP-Katalog Assistenten.xls 2014-08-18 14:38 - 2014-08-18 14:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Oracle 2014-08-18 14:36 - 2014-08-18 14:36 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-18 14:36 - 2013-09-25 20:14 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-18 14:34 - 2014-08-18 14:35 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-18 14:34 - 2014-08-18 14:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-18 14:34 - 2014-08-18 14:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-18 14:34 - 2014-08-18 14:35 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-08-18 14:34 - 2014-08-18 14:34 - 00000000 ____D () C:\Program Files\Java 2014-08-17 21:43 - 2013-12-02 18:43 - 02177536 _____ () C:\Users\zuppy\Documents\Route Zuppy2014.xls 2014-08-17 21:07 - 2014-08-17 21:07 - 00067342 _____ () C:\Users\zuppy\Downloads\vietnam visum 2014-08-17 19:08 - 2008-05-09 17:30 - 00000000 ____D () C:\Users\zuppy\Documents\Zuppys Sammelsorium 2014-08-17 14:50 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-08-17 13:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-08-17 13:23 - 2010-01-03 09:48 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-17 13:11 - 2008-04-21 19:03 - 00445828 _____ () C:\Windows\PFRO.log 2014-08-17 13:09 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-08-17 12:10 - 2014-08-17 12:10 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-17 12:10 - 2014-08-17 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-17 12:09 - 2008-04-21 18:51 - 00000000 ____D () C:\Program Files\Google 2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Deployment 2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Apps\2.0 2014-08-17 11:55 - 2014-08-17 11:55 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\PDF Architect 2 2014-08-17 11:52 - 2013-08-10 21:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-17 11:51 - 2014-08-17 11:45 - 00000000 ____D () C:\Program Files\PDFCreator 2014-08-17 11:48 - 2014-08-17 11:48 - 00000784 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk 2014-08-17 11:48 - 2014-08-17 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 2014-08-17 11:48 - 2014-08-17 11:47 - 00000000 ____D () C:\Program Files\PDF Architect 2 2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\Users\zuppy\Documents\PDF Architect 2 2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2014-08-17 11:45 - 2014-08-17 11:45 - 00000790 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\pdfforge 2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-08-17 11:44 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-08-17 11:43 - 2014-08-17 11:42 - 27843432 _____ (pdfforge ) C:\Users\zuppy\Downloads\PDFCreator-1_7_3_setup.exe 2014-08-17 11:40 - 2014-08-17 11:40 - 00000000 _____ () C:\Users\zuppy\Downloads\SetupWordToPDF_237_v2.9.exe.28bypr0.partial 2014-08-14 14:46 - 2014-08-14 14:46 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-14 14:46 - 2008-04-26 18:22 - 00000000 ____D () C:\ProgramData\Skype 2014-08-12 18:39 - 2013-09-25 12:28 - 00003218 _____ () C:\Windows\setupact.log 2014-08-12 18:39 - 2008-04-26 18:24 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Adobe 2014-08-10 08:46 - 2014-08-10 08:46 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-10 08:46 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-10 08:46 - 2014-08-10 08:45 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-08-10 08:46 - 2010-04-03 08:03 - 00000000 ____D () C:\Program Files\iTunes 2014-08-10 08:45 - 2010-10-03 09:26 - 00000000 ____D () C:\Program Files\iPod 2014-08-10 08:45 - 2008-04-24 13:45 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-08-10 07:55 - 2008-07-21 13:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-08 09:14 - 2010-06-04 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-05 09:20 - 2009-10-03 01:38 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Files to move or delete: ==================== C:\ProgramData\ezsid.dat C:\Users\zuppy\avira_antivir_personal_de.exe C:\Users\zuppy\dell_support_center.exe C:\Users\zuppy\DivXInstaller.exe C:\Users\zuppy\JuniperSetupClientInstaller.exe C:\Users\zuppy\server.dll C:\Users\zuppy\uawin32.dll Some content of TEMP: ==================== C:\Users\zuppy\AppData\Local\Temp\AdobeUpdater12345.exe C:\Users\zuppy\AppData\Local\Temp\avgnt.exe C:\Users\zuppy\AppData\Local\Temp\DataCard_Setup.exe C:\Users\zuppy\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe C:\Users\zuppy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\zuppy\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\zuppy\AppData\Local\Temp\ResetDevice.exe C:\Users\zuppy\AppData\Local\Temp\SkypeSetup.exe C:\Users\zuppy\AppData\Local\Temp\_is4652.exe C:\Users\zuppy\AppData\Local\Temp\_isB2F9.exe C:\Users\zuppy\AppData\Local\Temp\_isD4CB.exe C:\Users\zuppy\AppData\Local\Temp\_isF425.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-04 08:37 ==================== End Of Log ============================ dditional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014 Ran by zuppy at 2014-09-04 09:20:04 Running from C:\Users\zuppy\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Reader 8.3.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - ) Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - ) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Pro Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software) Benutzerhandbuch (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-J415W (HKLM\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-J5910DW (HKLM\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.1.1.0 - Brother Industries, Ltd.) Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - ) Dell Handbuch zum Einstieg (HKLM\...\{FD023F61-65E9-465C-B558-7C64EB2B97E6}) (Version: 1.00.0000 - Dell Inc.) Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric) Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - ) Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - ) Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.102.15.61 - Dell Inc.) Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc) DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC) EndNote X1 (HKLM\...\{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}) (Version: 11.0.0.2571 - Thomson ResearchSoft) Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.) Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden Juniper Networks Network Connect 6.0.0 (HKLM\...\Juniper Network Connect 6.0.0) (Version: 6.0.0.14137 - Juniper Networks) Juniper Networks Setup Client (HKCU\...\JuniperSetupClient) (Version: 1.1.0.0 - Juniper Networks) Juniper Networks Setup Client Activex Control (HKLM\...\JuniperSetupClient Activex Control) (Version: 1.1.0.0 - Juniper Networks) Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - ) Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.) MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell) Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2000 Disc 2 (HKLM\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation) Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden MobileMe Control Panel (HKLM\...\{710BF966-43C8-4216-A8EC-BC4E169FF7C1}) (Version: 3.1.8.0 - Apple Inc.) Modem-Diagnose-Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc) OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink) PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.) PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH) PDF Architect 2 View Module (HKLM\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 8.2.17 - Dell Inc.) QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - ) Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden Samsung PC Studio (Version: 3.0.0.50903 - Samsung Electronics Co., Ltd.) Hidden ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.) SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5207.0 - SigmaTel) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) Steuer Update 14.01 (Version: 14.01 - Lexware) Hidden TAXMAN 2008 (Version: 14.00 - Lexware) Hidden Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden Uninstall 1.0.0.0 (HKLM\...\Uninstall_is1) (Version: - ) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live installer (HKLM\...\{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}) (Version: 12.0.1471.1025 - Microsoft Corporation) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-674920860-3319793373-282348367-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-674920860-3319793373-282348367-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media) ==================== Restore Points ========================= 03-09-2014 16:40:56 Windows Update 04-09-2014 06:21:14 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2009-07-17 13:17 - 00000759 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0095BE75-F80C-4DAD-8030-55BD325E1E71} - System32\Tasks\{3F3986D8-C83C-415C-9E00-98151FD048F5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered Task: {111E33D8-AE44-4977-A944-DA3FE835755A} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-Zuppy-zuppy => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2D5822C8-BB73-4303-BA2E-4EF25B96311C} - System32\Tasks\{C1B4FB68-4F24-4758-B6B6-23A4C743B4C5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered Task: {2E7A8485-0DE8-4992-A245-3444DCEE84F9} - System32\Tasks\{6F020FC3-4B8E-4BB4-A121-782D1A9285C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.116.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered Task: {332A1E0B-2D95-4DE3-B779-FB51E049B858} - System32\Tasks\{8D88EE3E-5C40-4DC5-AC35-6CF9A0049944} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome ![]() Task: {332C1A39-B3AB-474D-A2E1-1FDC641F033D} - System32\Tasks\{777EABD7-0780-4196-9809-FE179DD174DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.210/de/abandoninstall?page=tsDownload&installinfo=google-toolbar ![]() Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {621DF182-42D8-4650-8EAF-BB32F0D09DA9} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - zuppy => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation) Task: {7850DF3C-415F-48F3-9653-795DA96D4603} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.) Task: {7D7C5FCA-AD6A-4C65-97AB-09C36A896AED} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {88416C57-77BC-4801-9BF5-0E9F8528F810} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {9E1FB878-0BD8-4949-86EE-734FAF1868B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14] (Adobe Systems Incorporated) Task: {AE2284DD-E5E7-408C-A1C4-D699987CC5A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {DD498F21-3BFA-478A-914A-1DA8BCBF485F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () Task: {F7073345-06C8-47AF-965C-9C781BADADA5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-15] (AVAST Software) Task: {FF8F1D98-9CC5-4741-8F1A-2204CA44A378} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2008-04-21 18:42 - 2007-03-21 21:33 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE 2008-04-21 18:42 - 2007-03-21 21:33 - 00065536 _____ () C:\Windows\System32\bcmwlrmt.dll 2014-01-23 18:53 - 2014-07-15 18:02 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-09-03 18:25 - 2014-09-03 18:25 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-10-07 12:30 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2008-04-24 13:01 - 2007-09-20 18:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll 2014-01-23 18:53 - 2014-07-15 18:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe 2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll 2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll 2014-08-17 12:10 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-17 12:10 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-17 12:10 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2014-08-17 12:10 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/03/2014 06:10:50 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {29420848-3613-409b-b2b3-864d4e3386aa} Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\RETINA> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) System errors: ============= Error: (09/04/2014 08:32:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: adfs%%2 Error: (09/04/2014 08:32:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/04/2014 08:24:55 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {C2BFE331-6739-4270-86C9-493D9A04CD38} Error: (09/04/2014 08:16:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: adfs%%2 Error: (09/04/2014 08:16:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/03/2014 06:25:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86 Error: (09/03/2014 06:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: adfs%%2 Error: (09/03/2014 06:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/03/2014 06:18:53 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {C2BFE331-6739-4270-86C9-493D9A04CD38} Error: (09/03/2014 06:17:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Windows Update Microsoft Office Sessions: ========================= Error: (09/03/2014 06:10:50 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {29420848-3613-409b-b2b3-864d4e3386aa} Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\RETINA CodeIntegrity Errors: =================================== Date: 2013-12-27 20:39:50.994 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:39:50.073 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:39:49.157 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:39:48.185 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:39:47.179 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:39:46.241 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:35:55.448 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:35:54.396 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:35:53.353 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-27 20:35:52.370 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz Percentage of memory in use: 58% Total physical RAM: 2037.31 MB Available physical RAM: 849.41 MB Total Pagefile: 4315.87 MB Available Pagefile: 2831.83 MB Total Virtual: 2047.88 MB Available Virtual: 1908.15 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:136.46 GB) (Free:22.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.39 GB) NTFS Drive g: () (Removable) (Total:1.92 GB) (Free:1.91 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: A0000000) Partition 1: (Not Active) - (Size=94 MB) - (Type=DE) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=136.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
Themen zu acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht. |
adware, akamai, antivirus, avira, bonjour, browser, cpu, desktop, error, fehler, flash player, google, home, iexplore.exe, mozilla, registry, rundll, scan, security, services.exe, software, svchost.exe, system, windows, wlan |