Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 04.09.2014, 08:33   #1
Zuppy
 
acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht. - Standard

acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht.



Hallo!
Beim Virenscan mit Avast kommt die Meldung über eine Bedrohung und zwar Win32:evo-gen in C:\windows\system32\drivers\acedrv01.sys. Wenn ich die empfohlene Aktion ausführe (in Virencontainer schieben, Datei löschen) und dann nach runterfahren des PCs erneut scanne ist die Datei immer noch da. Zudem funktioniert das CD Laufwerk nicht mehr, es erkennt die CDs nicht.

Hier die Logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by zuppy (administrator) on LAPTOP-ZUPPY on 04-09-2014 09:18:44
Running from C:\Users\zuppy\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Akamai Technologies, Inc.) C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Akamai Technologies, Inc.) C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-29] ( )
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [1548288 2007-03-21] (Dell Inc.)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [189736 2007-11-01] (CyberLink Corp.)
HKLM\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-08-14] (SupportSoft, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [622592 2007-02-06] (Brother Industries, Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-07] (IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-08] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-08-14] (SupportSoft, Inc.)
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [MsnMsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [Akamai NetSession Interface] => C:\Users\zuppy\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {16f2ba31-8bde-11e1-9be4-001d094fc2c5} - G:\LaunchU3.exe -a
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {2959ee1c-3444-11df-884a-001d094fc2c5} - F:\autorun.exe
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {a09b9b27-9157-11de-8d28-001f3a4c1991} - F:\AutoRun.exe
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {a09b9b55-9157-11de-8d28-001f3a4c1991} - G:\AutoRun.exe
HKU\S-1-5-21-674920860-3319793373-282348367-1000\...\MountPoints2: {f46ab122-0be1-11df-8784-001d094fc2c5} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=FUJITSUXMHY2160BH_K431T832B28DT832B28DX&ts=1356443800
SearchScopes: HKCU - {715A3DAE-8345-4964-B73E-F3596DBA56C8} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=OSJ000&apn_uid=714CCA31-D6C6-489A-B82B-5FEF78C366F9&apn_sauid=985DA777-D9DA-4CE6-8BC2-474155BE940E
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-23]

Chrome:
=======
CHR CustomProfile: C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-17]
CHR Extension: (Google Drive) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-17]
CHR Extension: (YouTube) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19]
CHR Extension: (Google-Suche) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19]
CHR Extension: (avast! SafePrice) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-17]
CHR Extension: (avast! Online Security) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-17]
CHR Extension: (Google Wallet) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\zuppy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [427376 2009-04-02] (Juniper Networks)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [File not signed]
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1724416 2007-03-21] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 acedrv01; C:\Windows\system32\drivers\acedrv01.sys [93696 2009-04-01] (ACE GmbH) [File not signed]
R2 acedrv02; C:\Windows\system32\drivers\acedrv02.sys [97280 2009-04-01] (ACE GmbH) [File not signed]
R2 acedrv04; C:\Windows\system32\drivers\acedrv04.sys [97280 2009-04-01] (Protect Software GmbH) [File not signed]
R2 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [97792 2009-04-01] (Protect Software GmbH) [File not signed]
R2 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [99840 2009-04-01] (Protect Software GmbH) [File not signed]
R2 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [101376 2009-04-01] (Protect Software GmbH) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-15] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-15] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-15] ()
R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [23552 2009-04-02] (Juniper Networks)
S3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [18912 2008-07-01] (Windows (R) Codename Longhorn DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-12] (The OpenVPN Project)
S2 adfs; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 09:18 - 2014-09-04 09:19 - 00022369 _____ () C:\Users\zuppy\Downloads\FRST.txt
2014-09-04 09:18 - 2014-09-04 09:18 - 00000000 ____D () C:\FRST
2014-09-04 09:17 - 2014-09-04 09:18 - 01096704 _____ (Farbar) C:\Users\zuppy\Downloads\FRST.exe
2014-09-04 09:15 - 2014-09-04 09:15 - 00000472 _____ () C:\Users\zuppy\Downloads\defogger_disable.log
2014-09-04 09:15 - 2014-09-04 09:15 - 00000000 _____ () C:\Users\zuppy\defogger_reenable
2014-09-04 09:14 - 2014-09-04 09:14 - 00050477 _____ () C:\Users\zuppy\Downloads\Defogger.exe
2014-09-04 08:22 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-04 08:22 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 12:35 - 2014-08-28 12:35 - 00011740 _____ () C:\Users\zuppy\Downloads\Rechnung Svenja Hartwig (0013,14).xlsx
2014-08-18 14:38 - 2014-08-18 14:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Oracle
2014-08-18 14:36 - 2014-08-18 14:36 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-18 14:35 - 2014-08-18 14:34 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-18 14:35 - 2014-08-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-18 14:35 - 2014-08-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-18 14:35 - 2014-08-18 14:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-18 14:34 - 2014-08-18 14:34 - 00000000 ____D () C:\Program Files\Java
2014-08-17 21:07 - 2014-08-17 21:07 - 00067342 _____ () C:\Users\zuppy\Downloads\vietnam visum
2014-08-17 12:10 - 2014-08-17 12:10 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-17 12:10 - 2014-08-17 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-17 12:08 - 2014-09-04 09:13 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 12:08 - 2014-09-04 08:34 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Deployment
2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Apps\2.0
2014-08-17 11:55 - 2014-08-17 11:55 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\PDF Architect 2
2014-08-17 11:48 - 2014-08-17 11:48 - 00000784 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2014-08-17 11:48 - 2014-08-17 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-08-17 11:47 - 2014-08-17 11:48 - 00000000 ____D () C:\Program Files\PDF Architect 2
2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\Users\zuppy\Documents\PDF Architect 2
2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-17 11:45 - 2014-08-17 11:51 - 00000000 ____D () C:\Program Files\PDFCreator
2014-08-17 11:45 - 2014-08-17 11:45 - 00000790 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\pdfforge
2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-08-17 11:45 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX
2014-08-17 11:45 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX
2014-08-17 11:45 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-08-17 11:45 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL
2014-08-17 11:45 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\system32\VB6DE.DLL
2014-08-17 11:45 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCDE.DLL
2014-08-17 11:45 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\MSCC2DE.DLL
2014-08-17 11:42 - 2014-08-17 11:43 - 27843432 _____ (pdfforge ) C:\Users\zuppy\Downloads\PDFCreator-1_7_3_setup.exe
2014-08-17 11:40 - 2014-08-17 11:40 - 00000000 _____ () C:\Users\zuppy\Downloads\SetupWordToPDF_237_v2.9.exe.28bypr0.partial
2014-08-17 11:37 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 11:37 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 11:37 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 11:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 15:12 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 15:12 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 15:12 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 15:12 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 15:12 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 15:12 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 15:12 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 15:12 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 15:11 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 15:11 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 15:11 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 15:11 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 15:11 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 15:11 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 15:11 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 15:11 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 15:11 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 15:11 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 15:11 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 15:11 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 15:11 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 15:11 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 15:11 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 15:11 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 15:11 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 15:11 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 15:11 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 15:11 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 15:11 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 14:46 - 2014-08-14 14:46 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-10 08:46 - 2014-08-10 08:46 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-10 08:46 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-10 08:45 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 09:19 - 2014-09-04 09:18 - 00022369 _____ () C:\Users\zuppy\Downloads\FRST.txt
2014-09-04 09:18 - 2014-09-04 09:18 - 00000000 ____D () C:\FRST
2014-09-04 09:18 - 2014-09-04 09:17 - 01096704 _____ (Farbar) C:\Users\zuppy\Downloads\FRST.exe
2014-09-04 09:16 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-04 09:16 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-04 09:15 - 2014-09-04 09:15 - 00000472 _____ () C:\Users\zuppy\Downloads\defogger_disable.log
2014-09-04 09:15 - 2014-09-04 09:15 - 00000000 _____ () C:\Users\zuppy\defogger_reenable
2014-09-04 09:15 - 2008-04-24 12:24 - 00000000 ____D () C:\Users\zuppy
2014-09-04 09:14 - 2014-09-04 09:14 - 00050477 _____ () C:\Users\zuppy\Downloads\Defogger.exe
2014-09-04 09:13 - 2014-08-17 12:08 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 09:10 - 2008-04-26 20:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Skype
2014-09-04 08:48 - 2008-04-21 18:30 - 01869918 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 08:39 - 2012-04-11 10:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 08:34 - 2014-08-17 12:08 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 08:32 - 2009-01-15 14:45 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-04 08:32 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 08:32 - 2006-11-02 14:47 - 03736840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-04 08:25 - 2006-11-02 15:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-03 19:08 - 2011-11-10 19:30 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Akamai
2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-03 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-09-03 19:08 - 2006-11-02 12:22 - 51118080 _____ () C:\Windows\system32\config\software_previous
2014-09-03 19:08 - 2006-11-02 12:22 - 34340864 _____ () C:\Windows\system32\config\system_previous
2014-09-03 18:57 - 2006-11-02 12:22 - 50331648 _____ () C:\Windows\system32\config\components_previous
2014-09-03 18:57 - 2006-11-02 12:22 - 00061440 _____ () C:\Windows\system32\config\sam_previous
2014-09-03 18:21 - 2014-01-23 18:55 - 00001893 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-09-03 18:21 - 2014-01-23 18:55 - 00001833 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-09-03 18:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\tracing
2014-08-29 12:49 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-08-29 12:49 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-08-28 17:18 - 2008-12-07 15:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\EndNote
2014-08-28 17:18 - 2008-05-09 16:58 - 00000000 ____D () C:\Users\zuppy\Documents\Bewerbungen und Briefe
2014-08-28 16:26 - 2014-07-07 19:01 - 00000000 ____D () C:\Users\zuppy\Desktop\Bewerbungskram
2014-08-28 12:35 - 2014-08-28 12:35 - 00011740 _____ () C:\Users\zuppy\Downloads\Rechnung Svenja Hartwig (0013,14).xlsx
2014-08-23 03:03 - 2014-09-04 08:22 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-09-04 08:22 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 17:22 - 2013-05-31 14:30 - 00019456 _____ () C:\Users\zuppy\Documents\OP-Katalog Assistenten.xls
2014-08-18 14:38 - 2014-08-18 14:38 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\Oracle
2014-08-18 14:36 - 2014-08-18 14:36 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-18 14:36 - 2013-09-25 20:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-18 14:34 - 2014-08-18 14:35 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-18 14:34 - 2014-08-18 14:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-18 14:34 - 2014-08-18 14:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-18 14:34 - 2014-08-18 14:35 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-18 14:34 - 2014-08-18 14:34 - 00000000 ____D () C:\Program Files\Java
2014-08-17 21:43 - 2013-12-02 18:43 - 02177536 _____ () C:\Users\zuppy\Documents\Route Zuppy2014.xls
2014-08-17 21:07 - 2014-08-17 21:07 - 00067342 _____ () C:\Users\zuppy\Downloads\vietnam visum
2014-08-17 19:08 - 2008-05-09 17:30 - 00000000 ____D () C:\Users\zuppy\Documents\Zuppys Sammelsorium
2014-08-17 14:50 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-17 13:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-17 13:23 - 2010-01-03 09:48 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 13:11 - 2008-04-21 19:03 - 00445828 _____ () C:\Windows\PFRO.log
2014-08-17 13:09 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-17 12:10 - 2014-08-17 12:10 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-17 12:10 - 2014-08-17 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-17 12:09 - 2008-04-21 18:51 - 00000000 ____D () C:\Program Files\Google
2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Deployment
2014-08-17 12:07 - 2014-08-17 12:07 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Apps\2.0
2014-08-17 11:55 - 2014-08-17 11:55 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\PDF Architect 2
2014-08-17 11:52 - 2013-08-10 21:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 11:51 - 2014-08-17 11:45 - 00000000 ____D () C:\Program Files\PDFCreator
2014-08-17 11:48 - 2014-08-17 11:48 - 00000784 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2014-08-17 11:48 - 2014-08-17 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-08-17 11:48 - 2014-08-17 11:47 - 00000000 ____D () C:\Program Files\PDF Architect 2
2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\Users\zuppy\Documents\PDF Architect 2
2014-08-17 11:47 - 2014-08-17 11:47 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-17 11:45 - 2014-08-17 11:45 - 00000790 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\Users\zuppy\AppData\Roaming\pdfforge
2014-08-17 11:45 - 2014-08-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-08-17 11:44 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-17 11:43 - 2014-08-17 11:42 - 27843432 _____ (pdfforge ) C:\Users\zuppy\Downloads\PDFCreator-1_7_3_setup.exe
2014-08-17 11:40 - 2014-08-17 11:40 - 00000000 _____ () C:\Users\zuppy\Downloads\SetupWordToPDF_237_v2.9.exe.28bypr0.partial
2014-08-14 14:46 - 2014-08-14 14:46 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-14 14:46 - 2008-04-26 18:22 - 00000000 ____D () C:\ProgramData\Skype
2014-08-12 18:39 - 2013-09-25 12:28 - 00003218 _____ () C:\Windows\setupact.log
2014-08-12 18:39 - 2008-04-26 18:24 - 00000000 ____D () C:\Users\zuppy\AppData\Local\Adobe
2014-08-10 08:46 - 2014-08-10 08:46 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-10 08:46 - 2014-08-10 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-10 08:46 - 2014-08-10 08:45 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-10 08:46 - 2010-04-03 08:03 - 00000000 ____D () C:\Program Files\iTunes
2014-08-10 08:45 - 2010-10-03 09:26 - 00000000 ____D () C:\Program Files\iPod
2014-08-10 08:45 - 2008-04-24 13:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-10 07:55 - 2008-07-21 13:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-08 09:14 - 2010-06-04 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-05 09:20 - 2009-10-03 01:38 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\Users\zuppy\avira_antivir_personal_de.exe
C:\Users\zuppy\dell_support_center.exe
C:\Users\zuppy\DivXInstaller.exe
C:\Users\zuppy\JuniperSetupClientInstaller.exe
C:\Users\zuppy\server.dll
C:\Users\zuppy\uawin32.dll


Some content of TEMP:
====================
C:\Users\zuppy\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\zuppy\AppData\Local\Temp\avgnt.exe
C:\Users\zuppy\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\zuppy\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\zuppy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\zuppy\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\zuppy\AppData\Local\Temp\ResetDevice.exe
C:\Users\zuppy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\zuppy\AppData\Local\Temp\_is4652.exe
C:\Users\zuppy\AppData\Local\Temp\_isB2F9.exe
C:\Users\zuppy\AppData\Local\Temp\_isD4CB.exe
C:\Users\zuppy\AppData\Local\Temp\_isF425.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-04 08:37

==================== End Of Log ============================


dditional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014
Ran by zuppy at 2014-09-04 09:20:04
Running from C:\Users\zuppy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 8.3.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Pro Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Benutzerhandbuch (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J415W (HKLM\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J5910DW (HKLM\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.1.1.0 - Brother Industries, Ltd.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Dell Handbuch zum Einstieg (HKLM\...\{FD023F61-65E9-465C-B558-7C64EB2B97E6}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.102.15.61 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
EndNote X1 (HKLM\...\{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}) (Version: 11.0.0.2571 - Thomson ResearchSoft)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Juniper Networks Network Connect 6.0.0 (HKLM\...\Juniper Network Connect 6.0.0) (Version: 6.0.0.14137 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\JuniperSetupClient) (Version: 1.1.0.0 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\JuniperSetupClient Activex Control) (Version: 1.1.0.0 - Juniper Networks)
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2000 Disc 2 (HKLM\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{710BF966-43C8-4216-A8EC-BC4E169FF7C1}) (Version: 3.1.8.0 - Apple Inc.)
Modem-Diagnose-Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 8.2.17 - Dell Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Samsung PC Studio (Version: 3.0.0.50903 - Samsung Electronics Co., Ltd.) Hidden
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5207.0 - SigmaTel)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steuer Update 14.01 (Version: 14.01 - Lexware) Hidden
TAXMAN 2008 (Version: 14.00 - Lexware) Hidden
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.0 (HKLM\...\Uninstall_is1) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live installer (HKLM\...\{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}) (Version: 12.0.1471.1025 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-674920860-3319793373-282348367-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-674920860-3319793373-282348367-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)

==================== Restore Points =========================

03-09-2014 16:40:56 Windows Update
04-09-2014 06:21:14 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2009-07-17 13:17 - 00000759 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0095BE75-F80C-4DAD-8030-55BD325E1E71} - System32\Tasks\{3F3986D8-C83C-415C-9E00-98151FD048F5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {111E33D8-AE44-4977-A944-DA3FE835755A} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-Zuppy-zuppy => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2D5822C8-BB73-4303-BA2E-4EF25B96311C} - System32\Tasks\{C1B4FB68-4F24-4758-B6B6-23A4C743B4C5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {2E7A8485-0DE8-4992-A245-3444DCEE84F9} - System32\Tasks\{6F020FC3-4B8E-4BB4-A121-782D1A9285C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.116.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {332A1E0B-2D95-4DE3-B779-FB51E049B858} - System32\Tasks\{8D88EE3E-5C40-4DC5-AC35-6CF9A0049944} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chromeffered-installed;madedefault
Task: {332C1A39-B3AB-474D-A2E1-1FDC641F033D} - System32\Tasks\{777EABD7-0780-4196-9809-FE179DD174DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.210/de/abandoninstall?page=tsDownload&installinfo=google-toolbarffered-notinstalled,google-chrome:notoffered;toolbaroffered
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {621DF182-42D8-4650-8EAF-BB32F0D09DA9} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - zuppy => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {7850DF3C-415F-48F3-9653-795DA96D4603} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.)
Task: {7D7C5FCA-AD6A-4C65-97AB-09C36A896AED} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {88416C57-77BC-4801-9BF5-0E9F8528F810} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {9E1FB878-0BD8-4949-86EE-734FAF1868B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14] (Adobe Systems Incorporated)
Task: {AE2284DD-E5E7-408C-A1C4-D699987CC5A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DD498F21-3BFA-478A-914A-1DA8BCBF485F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F7073345-06C8-47AF-965C-9C781BADADA5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-15] (AVAST Software)
Task: {FF8F1D98-9CC5-4741-8F1A-2204CA44A378} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-04-21 18:42 - 2007-03-21 21:33 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-04-21 18:42 - 2007-03-21 21:33 - 00065536 _____ () C:\Windows\System32\bcmwlrmt.dll
2014-01-23 18:53 - 2014-07-15 18:02 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 18:25 - 2014-09-03 18:25 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-07 12:30 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2008-04-24 13:01 - 2007-09-20 18:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-23 18:53 - 2014-07-15 18:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2014-08-17 12:10 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 12:10 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 12:10 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 12:10 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 06:10:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
Generatordaten werden gesammelt

Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {29420848-3613-409b-b2b3-864d4e3386aa}

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\RETINA> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)


System errors:
=============
Error: (09/04/2014 08:32:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (09/04/2014 08:32:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/04/2014 08:24:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/04/2014 08:16:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (09/04/2014 08:16:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/03/2014 06:25:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (09/03/2014 06:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (09/03/2014 06:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/03/2014 06:18:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/03/2014 06:17:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update


Microsoft Office Sessions:
=========================
Error: (09/03/2014 06:10:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
Generatordaten werden gesammelt

Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {29420848-3613-409b-b2b3-864d4e3386aa}

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS

Error: (08/14/2014 03:38:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK

Error: (08/14/2014 03:38:38 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\ZUPPY\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\RETINA


CodeIntegrity Errors:
===================================
Date: 2013-12-27 20:39:50.994
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:39:50.073
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:39:49.157
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:39:48.185
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:39:47.179
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:39:46.241
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:35:55.448
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:35:54.396
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:35:53.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-12-27 20:35:52.370
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Percentage of memory in use: 58%
Total physical RAM: 2037.31 MB
Available physical RAM: 849.41 MB
Total Pagefile: 4315.87 MB
Available Pagefile: 2831.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.15 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:136.46 GB) (Free:22.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.39 GB) NTFS
Drive g: () (Removable) (Total:1.92 GB) (Free:1.91 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: A0000000)
Partition 1: (Not Active) - (Size=94 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Themen zu acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht.
adware, akamai, antivirus, avira, bonjour, browser, cpu, desktop, error, fehler, flash player, google, home, iexplore.exe, mozilla, registry, rundll, scan, security, services.exe, software, svchost.exe, system, windows, wlan




Ähnliche Themen: acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht.


  1. Datei in System32/Drivers kann nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 24.04.2015 (7)
  2. Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 22.10.2014 (25)
  3. Infiziertes Windows wiederbers ? Laufwerk funktioniert nicht
    Alles rund um Windows - 06.12.2013 (4)
  4. Win 8, Entfernung von Popups,... und von DoSearches, nicht möglich!
    Plagegeister aller Art und deren Bekämpfung - 25.11.2013 (7)
  5. WIN 8 Booten von CD Laufwerk nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (10)
  6. system32\drivers\ wird unter 32bit shell nicht gelistet
    Alles rund um Windows - 07.01.2013 (1)
  7. CD/DVD-Laufwerk funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (1)
  8. AVG findet Rootkits in C:\Windows\System32\drivers und kann sie nicht entfernen
    Log-Analyse und Auswertung - 24.06.2012 (8)
  9. Nach entfernung von Virenbefall funktioniert Windows Installer nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (3)
  10. Problem mit Trojaner Virtumonde - Entfernung nicht möglich
    Log-Analyse und Auswertung - 25.04.2011 (24)
  11. HDDLOW auf PC! Entfernung funktioniert nicht!
    Plagegeister aller Art und deren Bekämpfung - 31.03.2011 (11)
  12. Datei in System32/Drivers kann nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 22.09.2010 (5)
  13. Backdoor BDS/Papras.GX - Entfernung nicht möglich
    Log-Analyse und Auswertung - 11.06.2010 (1)
  14. Rootkit.Agent bringe ich nicht los C:\Windows\system32\Drivers\rlmij.sys
    Plagegeister aller Art und deren Bekämpfung - 24.05.2010 (12)
  15. DVD-Laufwerk funktioniert nicht mehr richtig
    Netzwerk und Hardware - 19.05.2010 (3)
  16. IE funktioniert nach gewisser Zeit nicht mehr, Task-Manager-Start nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 28.09.2008 (3)
  17. Java funktioniert nicht, deinstallation nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 04.09.2008 (4)

Zum Thema acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht. - Hallo! Beim Virenscan mit Avast kommt die Meldung über eine Bedrohung und zwar Win32:evo-gen in C:\windows\system32\drivers\acedrv01.sys. Wenn ich die empfohlene Aktion ausführe (in Virencontainer schieben, Datei löschen) und dann nach - acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht....
Archiv
Du betrachtest: acedrv01-03 sys in C:\windows\system32\drivers\acedrv01.sys, Entfernung nicht möglich, CD Laufwerk funktioniert nicht. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.