Alles rund um Windows: CMD.exe blinkt nur kurz auf und schließt wieder
Problem: CMD.exe blinkt nur kurz auf und schließt wieder Hey Leute wollte grad CMD.exe öffnen aber es schließt sofort wieder . Habe Windows 7 Wäre nett wenn ihr mir helfen könntet danke im Voraus
CMD.exe blinkt nur kurz auf und schließt wieder Anleitung / Hilfe Hi,
__________________beschreib bitte genau was du machst.
CMD.exe blinkt nur kurz auf und schließt wieder Details Also ich gebe unten bei Windows 7 bei Start CMD ein damit sich eig. Die Eingabeaufforderung öffnet. Aber das Fenster blinkt nur kurz auf und schließt wieder
Lösung: CMD.exe blinkt nur kurz auf und schließt wieder Drück mal Windows-Taste+R, dann CMD reinschreiben und Enter. Oder Start > alle Programme > Systemprogramme > Eingabeaufforderung.
Wie CMD.exe blinkt nur kurz auf und schließt wieder Passiert wieder das gleiche das CMD Fenster blinkt nur kurz auf und schließt wieder.
Wo CMD.exe blinkt nur kurz auf und schließt wieder Lösung! hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
CMD.exe blinkt nur kurz auf und schließt wieder hey, Danke habe alles erledigt weiss nur nicht wie ich die dateien hier posten kann
CMD.exe blinkt nur kurz auf und schließt wieder
dann wollen wir mal von schrauber seinen Hinweis Dir zur Unterstützung senden. "So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor: Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C. Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke . Setze den Curser zwischen die CODE-Tags und drücke STRG+V. Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten." Hoffe es ist für Dich verständlich. Lg JF
CMD.exe blinkt nur kurz auf und schließt wieder danke Und hier nochmal mit Bildchen: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
CMD.exe blinkt nur kurz auf und schließt wieder [gelöst] FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02 Ran by Ali (administrator) on PC on 13-10-2014 22:33:36 Running from C:\Users\Ali\Downloads Loaded Profile: Ali (Available profiles: Ali) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Windows\System32\DlProtectSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Windows\System32\dllhost.exe (APN LLC.) C:\Users\Ali\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe (APN LLC.) C:\Users\Ali\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Windows\System32\mfmjqegdec.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe (LULU Software) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe () C:\Program Files (x86)\Tor\tor.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe () C:\Program Files (x86)\Opera\24.0.1558.64\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [456192 2009-08-13] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated) HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [101694776 2014-09-15] (Microsoft Corporation) HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-09-22] (APN) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [NvCplDaemonTool] => rundll32.exe HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59280 2012-08-29] (Apple Inc.) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-09-10] (Apple Inc.) HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\MountPoints2: {a19fe4c0-ade9-11df-9986-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-894228880-3332534058-2322090658-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation) Startup: C:\Users\Ali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11406&pf=V7&trgb=IE&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=hp&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=Launcher.exe_0_20.0.1387.91&apn_uid=94983868-347B-4D31-B0A8-AC862CDC2D6A&itbv= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5DA21AA9B13FCB01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM - DefaultScope {63CC86D7-A923-408C-98AD-8ABDC2B809C0} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {63CC86D7-A923-408C-98AD-8ABDC2B809C0} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {63CC86D7-A923-408C-98AD-8ABDC2B809C0} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.7&ts=1378895843613.000009&tguid=66920-6787-1378895843613-9784823C5CB4BFDF19B4B2FC702635C4&q={searchTerms} SearchScopes: HKCU - {22B65E55-4D40-411E-A464-EEEF799B8079} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=&itbv={searchTerms}&psv= SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = BHO: SmmarrtCompare -> {7028435E-7E11-F502-F0C5-2C6DC4ADBB18} -> C:\ProgramData\SmmarrtCompare\TF.x64.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{9120F2C7-DC5A-4AB4-8A8F-D59409A793D9}\{CEDFEAAB-41A6-4842-820A-044E6BF49C40}.bin (Download Protect) BHO: easytoshop -> {C98E3512-E6F6-47B8-B833-84525EE54AD4} -> C:\ProgramData\easytoshop\EC.x64.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: saVerneett -> {FB674FA3-EAF4-3287-1360-76B5AB9B5C76} -> C:\ProgramData\saVerneett\mq.x64.dll No File BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: SmmarrtCompare -> {7028435E-7E11-F502-F0C5-2C6DC4ADBB18} -> C:\ProgramData\SmmarrtCompare\TF.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{AA90D71A-A4FA-4AA6-9212-553836AFAB9B}\{8EBFAC06-A6DB-4EE8-9F0D-A6BA6F527AD4}.bin (Download Protect) BHO-x32: Soda PDF 5 IE Helper -> {C737F472-1193-4281-BF53-A00B67AB3E19} -> C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent64.dll (soft Xpansion) Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.) Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software) Toolbar: HKLM-x32 - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion) Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-09] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll No File FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @coreonline.com/run3d,version=1.0 -> C:\Users\Ali\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-24] FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2012-11-03] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-04] FF HKLM-x32\...\Firefox\Extensions: [{FB6F591A-61A3-40F8-8D61-D34BE391A0A6}] - C:\Windows\Installer\{59D60946-105A-433E-9DE7-0BE0595193FD}\{FB6F591A-61A3-40F8-8D61-D34BE391A0A6}.xpi FF Extension: Download Protect - C:\Windows\Installer\{59D60946-105A-433E-9DE7-0BE0595193FD}\{FB6F591A-61A3-40F8-8D61-D34BE391A0A6}.xpi [2014-10-13] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll () CHR Plugin: (Babylon ToolBar) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll No File CHR Plugin: (Application Manager) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Gutscheinmieze-Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll No File CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll No File CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Square Enix Secure Launcher) - C:\Users\Ali\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Download Protect) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbajebpgoheckgkoibgoaghaeimihape [2014-10-09] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08] CHR Extension: (YouTube) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-03] CHR Extension: (Google-Suche) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-03] CHR Extension: (Google Wallet) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01] CHR Extension: (Google Mail) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-03] CHR Extension: (SmmarrtCompare) - C:\ProgramData\okjcahkbijkiancdefijchnhhmepcija\ [2012-11-03] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-09] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-09] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] (APN LLC.) R2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [126976 2014-04-17] () [File not signed] R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed] R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed] R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 rdrlfakdiag; C:\Windows\system32\mfmjqegdec.exe [118784 2014-04-17] () [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] () S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed] R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1364824 2012-10-24] (LULU Software) R2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [905560 2012-10-24] (LULU Software) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [240640 2009-08-13] (IDT, Inc.) R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-09] () [File not signed] S4 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-09] (Avira GmbH) S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-15] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-09] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-12-15] (Avira GmbH) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-13] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.) S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-07] () [File not signed] S3 nmwcdcx64; system32\drivers\ccdcmbox64.sys [X] S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X] S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X] S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltx64j.sys [X] S1 zephmcoa; \??\C:\Windows\system32\drivers\zephmcoa.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-13 22:33 - 2014-10-13 22:34 - 00029129 _____ () C:\Users\Ali\Downloads\FRST.txt 2014-10-13 22:33 - 2014-10-13 22:33 - 00000000 ____D () C:\FRST 2014-10-13 22:32 - 2014-10-13 22:33 - 02110464 _____ (Farbar) C:\Users\Ali\Downloads\FRST64.exe 2014-10-13 22:32 - 2014-10-13 22:32 - 01101824 _____ (Farbar) C:\Users\Ali\Downloads\FRST.exe 2014-10-13 22:25 - 2014-10-13 22:25 - 00000000 ____D () C:\Program Files\{9120F2C7-DC5A-4AB4-8A8F-D59409A793D9} 2014-10-13 22:25 - 2014-10-13 22:25 - 00000000 ____D () C:\Program Files (x86)\{AA90D71A-A4FA-4AA6-9212-553836AFAB9B} 2014-10-10 14:11 - 2014-10-10 14:12 - 00000000 ____D () C:\Windows\pss 2014-10-10 13:58 - 2014-10-13 12:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-10 13:58 - 2014-10-10 13:58 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-10 13:58 - 2014-10-10 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-10 13:58 - 2014-10-10 13:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-10 13:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-10 13:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-10 13:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-10 13:57 - 2014-10-10 13:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ali\Downloads\mbam-setup- (1).exe 2014-10-10 13:56 - 2014-10-10 13:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ali\Downloads\mbam-setup- 2014-10-10 13:21 - 2014-10-10 14:23 - 00000000 ____D () C:\Program Files\{860B872C-D118-4B58-9CD9-F2802B25A1AC} 2014-10-10 13:21 - 2014-10-10 14:23 - 00000000 ____D () C:\Program Files (x86)\{686F595D-16EF-4FA7-AD82-6A218799F203} 2014-10-09 14:19 - 2014-10-09 14:19 - 00000082 ____H () C:\Users\Ali\Downloads\.~lock.Personalfragebogen für Auszubildende nach AGG (2).doc# 2014-10-09 13:08 - 2014-10-10 13:34 - 00000000 ____D () C:\Users\Ali\Desktop\Chemikant 2014-10-09 13:01 - 2014-10-10 13:03 - 00000000 ____D () C:\Program Files\{45854B62-D2EB-471F-AD85-0E1D7BABB5BA} 2014-10-08 16:10 - 2014-10-08 16:10 - 00000082 ____H () C:\Users\Ali\Downloads\.~lock.Personalfragebogen für Auszubildende nach AGG (1).doc# 2014-10-08 13:40 - 2014-10-08 13:40 - 00051925 _____ () C:\Users\Ali\Desktop\kaufmann ali lebenslauf neu.odt 2014-10-08 13:40 - 2014-10-08 13:40 - 00000082 ____H () C:\Users\Ali\Desktop\.~lock.kaufmann ali lebenslauf neu.odt# 2014-10-07 10:04 - 2014-10-07 14:29 - 00000000 ____D () C:\Program Files\{F853DC9C-D6C8-4A71-92F4-23F64A39B8A7} 2014-10-05 14:08 - 2014-10-07 16:58 - 00022750 _____ () C:\Users\Ali\Desktop\chemiekant muster.odt 2014-10-05 14:08 - 2014-10-07 16:58 - 00000082 ____H () C:\Users\Ali\Desktop\.~lock.chemiekant muster.odt# 2014-10-05 13:27 - 2014-10-05 13:42 - 00051486 _____ () C:\Users\Ali\Desktop\chemiekant lebenslauuf.odt 2014-10-05 12:54 - 2014-10-05 13:24 - 00051668 _____ () C:\Users\Ali\Desktop\Unbenannt 1.odt 2014-09-30 23:55 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 23:55 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-24 11:43 - 2014-09-24 11:43 - 00000000 ____D () C:\ProgramData\Free Download Manager 2014-09-24 11:42 - 2014-10-06 10:56 - 00000000 ____D () C:\Users\Ali\AppData\Roaming\Free Download Manager 2014-09-24 11:42 - 2014-09-24 11:42 - 00001027 _____ () C:\Users\Ali\Desktop\Free Download Manager.lnk 2014-09-24 11:42 - 2014-09-24 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2014-09-24 11:41 - 2014-09-24 11:42 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager 2014-09-24 11:35 - 2014-09-24 11:37 - 07830845 _____ (FreeDownloadManager.ORG ) C:\Users\Ali\Desktop\fdminst- 2014-09-23 22:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-23 22:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-15 03:15 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-15 03:15 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-15 03:15 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-15 03:15 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-15 03:15 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-15 03:15 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-15 03:15 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-15 03:15 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-15 03:15 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-15 03:15 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-15 03:15 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-15 03:15 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-15 03:15 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-15 03:15 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-15 03:15 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-15 03:15 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-15 03:15 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-15 03:15 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-15 03:15 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-15 03:15 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-15 03:15 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-15 03:15 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-15 03:15 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-15 03:15 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-15 03:15 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-15 03:15 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-15 03:15 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-15 03:15 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-15 03:15 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-15 03:15 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-15 03:15 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-15 03:15 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-15 03:15 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-15 03:15 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-15 03:15 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-15 03:15 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-15 03:15 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-15 03:15 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-15 03:15 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-15 03:15 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-15 03:15 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-15 03:15 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-15 03:15 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-15 03:15 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-15 03:15 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-15 03:15 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-15 03:15 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-15 03:15 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-15 03:15 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-15 03:15 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-15 03:15 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-15 03:15 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-15 03:15 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-15 03:14 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-15 03:14 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-15 03:14 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-15 03:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-15 03:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-14 12:10 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-14 12:10 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-14 12:05 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-14 12:05 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-14 12:05 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-14 12:05 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-14 12:05 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-14 12:05 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-14 12:05 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-14 12:04 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-14 12:04 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-13 22:31 - 2009-07-14 06:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-13 22:31 - 2009-07-14 06:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-13 22:27 - 2009-11-05 02:32 - 02042046 _____ () C:\Windows\WindowsUpdate.log 2014-10-13 22:26 - 2012-11-03 15:00 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-13 22:25 - 2014-02-01 05:17 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-10-13 22:25 - 2013-06-03 09:20 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2014-10-13 22:25 - 2012-11-03 15:00 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-13 22:23 - 2011-04-03 03:38 - 00089077 _____ () C:\Windows\setupact.log 2014-10-13 22:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-13 21:54 - 2014-02-14 01:54 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job 2014-10-12 13:25 - 2010-06-19 22:45 - 00000000 ____D () C:\Users\Ali\AppData\Roaming\Skype 2014-10-10 23:31 - 2011-05-07 13:50 - 00303994 _____ () C:\Windows\PFRO.log 2014-10-10 14:23 - 2014-08-07 15:05 - 00000000 ____D () C:\Program Files (x86)\{0E9501A3-2175-40C7-B4E6-3829374960EC} 2014-10-10 14:23 - 2014-08-07 15:04 - 00000000 ____D () C:\Program Files\{8687AC91-A666-489D-B82D-5F526511AD7C} 2014-10-10 14:23 - 2014-07-31 00:51 - 00000000 ____D () C:\Program Files\{CE8E0FC4-5CE8-4CF8-80DE-74F8C1CB889E} 2014-10-10 14:23 - 2014-07-31 00:51 - 00000000 ____D () C:\Program Files (x86)\{2A4EBA66-F909-4126-AA3E-FA685B62EA81} 2014-10-10 14:23 - 2014-02-01 05:18 - 00000000 ____D () C:\ProgramData\PDFVieweur 2014-10-10 13:58 - 2014-03-04 23:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-10 13:34 - 2013-11-20 15:06 - 00000000 ____D () C:\Users\Ali\Desktop\Alt 2014-10-09 14:17 - 2010-07-05 23:27 - 00002982 _____ () C:\Users\Ali\AppData\Roaming\wklnhst.dat 2014-10-09 14:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-08 10:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-07 00:44 - 2014-06-17 13:32 - 00000000 ____D () C:\Users\Ali\Desktop\Aktuell Bewerbungen 2014-09-27 05:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-26 15:57 - 2014-09-03 02:04 - 00003842 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1397689657 2014-09-26 15:57 - 2014-04-17 01:07 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-15 09:06 - 2010-06-19 15:26 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-15 03:13 - 2014-01-29 04:08 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-15 03:13 - 2009-11-09 21:55 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-09-15 03:13 - 2009-11-09 21:55 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-09-15 03:13 - 2009-07-14 07:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-15 03:02 - 2013-07-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-15 03:02 - 2011-02-16 21:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-15 03:00 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel Some content of TEMP: ==================== C:\Users\Ali\AppData\Local\Temp\APNSetup.exe C:\Users\Ali\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-06 00:58 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02 Ran by Ali at 2014-10-13 22:35:04 Running from C:\Users\Ali\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Disabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) ActiveCheck component for HP Active Support Library (x32 Version: - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Inc.) Adobe AIR (x32 Version: - Adobe Systems Inc.) Hidden Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.) Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C1101}) (Version: - APN, LLC) <==== ATTENTION Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Cisco Systems VPN Client (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.) CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.) CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: - CyberLink Corp.) CyberLink PowerDVD 8 (x32 Version: - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden D1600 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: - DivX, Inc. ) DJ_SF_06_D1600_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Download Protect (HKCU\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version: - Download Protect) ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) FoxyDeal (HKLM-x32\...\FoxyDeal) (Version: 1.1.0 - R&E Media GmbH) Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Free Pdf Perfect Prereq (HKLM-x32\...\{8a8f0ec0-a24b-4eb8-b811-2cf05c4d1c85}) (Version: - Covus Freemium GmbH) Free Pdf Perfect Prereq (x32 Version: - Covus Freemium GmbH) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet D1600 Printer Driver Software 13.0 Rel .6 (HKLM\...\{2CD0168D-FBBC-4667-8810-105CB6EC6348}) (Version: 13.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: - WildTangent) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: - Hewlett-Packard) HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: - Hewlett-Packard) HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: - Hewlett-Packard) HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard) HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: - Hewlett-Packard) HPAsset component for HP Active Support Library (x32 Version: - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: - Hewlett-Packard) Hidden hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{4BC310C4-B898-46E2-B5FB-B85A30AA7142}) (Version: - Apple Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) ipswDownloader 1.5 (HKLM-x32\...\ipswDownloader) (Version: 1.5 - Sergey 'iOrange' Kudlay) iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: - LightScribe) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS) Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual Basic 2008 Express Edition - DEU (HKLM-x32\...\Microsoft Visual Basic 2008 Express Edition - DEU) (Version: - Microsoft Corporation) Microsoft Visual Basic 2008 Express Edition - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft) Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MiPony 2.0.2 (HKLM-x32\...\MiPony) (Version: 2.0.2 - ) MSVC80_x64_v2 (Version: - Nokia) Hidden MSVC80_x86_v2 (x32 Version: - Nokia) Hidden MSVC90_x64 (Version: - Nokia) Hidden MSVC90_x86 (x32 Version: - Nokia) Hidden MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: - muvee Technologies Pte Ltd) ODF Add-In für Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA) PC Connectivity Solution (HKLM-x32\...\{45DF6D99-666D-41FA-8D62-0E183B6240F3}) (Version: - Nokia) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: - pdfforge GmbH) PDF Reader Packages (HKCU\...\PDF Reader Packages) (Version: - ) <==== ATTENTION PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) Plants vs. Zombies - Game of the Year (x32 Version: - WildTangent) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.) Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden Protegere (HKLM-x32\...\Protegere) (Version: - ) QLBCASL (x32 Version: - Hewlett-Packard) Hidden Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden scilab-5.3.2 (64-bit) (HKLM\...\scilab-5.3.2 (64-bit)_is1) (Version: - DIGITEO) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Snap.Do (HKLM-x32\...\{E5A86F9E-CCC8-4417-B8B1-5A4A89B2E025}) (Version: - ReSoft Ltd.) <==== ATTENTION Snap.Do Engine (HKCU\...\{31dad11c-55ff-41cd-afa8-be7bda5b3722}) (Version: - ReSoft Ltd.) <==== ATTENTION Soda PDF 5 (HKLM-x32\...\{D7B38FE9-07F8-4E65-98A1-7C71D03174F7}) (Version: - LULU Software) SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Square Enix Secure Launcher (HKCU\...\Square Enix Secure Launcher) (Version: - Square Enix) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden WebReg (x32 Version: - Hewlett-Packard) Hidden WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: - WildTangent) WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: - WildTangent) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Utils (HKLM-x32\...\Windows Utils) (Version: - ) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 - Nokia) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Wondershare PDF Editor(Build 3.2.1) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: - Wondershare Software Co.,Ltd.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 22-09-2014 08:27:12 Windows-Sicherung 23-09-2014 20:40:40 Windows Update 24-09-2014 08:42:35 Windows Update 29-09-2014 08:03:46 Windows-Sicherung 30-09-2014 21:55:08 Windows Update 01-10-2014 01:00:13 Windows Update 05-10-2014 08:12:57 Windows Update 06-10-2014 08:06:16 Windows-Sicherung 08-10-2014 13:26:35 Windows Update 13-10-2014 10:27:03 Windows-Sicherung ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00954C82-4F0D-4155-BB75-585B4BA733F1} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION Task: {21012270-92F3-436E-8F76-6F5AFE81A649} - System32\Tasks\Opera scheduled Autoupdate 1397689657 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software) Task: {3214ABA2-FE7A-4963-A989-0007D9A70DD4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {3373BFB9-1074-4222-91B5-6A2F279B9BA1} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{415A28DA-01A3-4A3B-852E-04312A679731}.exe Task: {358759D6-AFB8-4B7D-877E-AE928976496A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03] (Google Inc.) Task: {523CCD67-2C0D-4681-A85B-E86A3554B7C0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {5E662098-3B5D-47DA-B913-C7EE6EB5DCA4} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-01-08] (Adobe Systems Incorporated) Task: {6127C38B-DA61-4389-827B-5D686A801834} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre6\bin\jusched.exe Task: {6C70DFEF-C9FE-46D3-8118-7C6683255E49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03] (Google Inc.) Task: {8AEE9058-4686-4206-961B-547FE0ACFFFF} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03] () Task: {8BA0E041-A9D5-4BF6-8DF5-05B48DCDAEC7} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION Task: {A3AFD5FE-D936-498F-A467-EB94B5C74084} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard) Task: {A6F51FD9-EFF7-4626-9B46-EDDACD913FFF} - \DigitalSite No Task File <==== ATTENTION Task: {AD821E8C-F7EC-4105-8C1B-A2A01BCD4DB9} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard) Task: {C223A856-48BA-468B-81DA-98BA6153FA65} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] () Task: {C483CA74-F8AE-4C5A-9421-B8A6ED07FAC1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {CADD3968-B775-4161-89BB-78D514077973} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard) Task: {D27834A1-B1EF-43BB-A897-06C7F37D0DB0} - System32\Tasks\Digital Sites => C:\Users\Ali\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {E27E9E84-F7F7-4749-9F16-9DA9F2C7E531} - \Browser Manager No Task File <==== ATTENTION Task: {E391FFD7-A065-41FF-9111-C2D6CE67B578} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E75BDF56-F78A-4FB1-9084-99A7437C5DA8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] () Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{415A28DA-01A3-4A3B-852E-04312A679731}.exe Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Ali\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-17 01:03 - 2014-04-17 01:03 - 00126976 _____ () C:\Windows\System32\DlProtectSvc.exe 2014-04-17 01:03 - 2014-04-17 01:03 - 00118784 _____ () C:\Windows\system32\mfmjqegdec.exe 2009-11-09 15:02 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-08-20 02:40 - 2013-09-09 12:46 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe 2010-08-02 19:31 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter64.acm 2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe 2014-09-26 15:57 - 2014-09-26 15:57 - 01372280 _____ () C:\Program Files (x86)\Opera\24.0.1558.64\opera_crashreporter.exe 2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll 2009-09-29 16:25 - 2009-09-29 16:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll 2011-01-17 16:19 - 2011-08-24 18:10 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2014-09-26 15:57 - 2014-09-26 15:57 - 01378936 _____ () C:\Program Files (x86)\Opera\24.0.1558.64\libglesv2.dll 2014-09-26 15:57 - 2014-09-26 15:57 - 00182392 _____ () C:\Program Files (x86)\Opera\24.0.1558.64\libegl.dll 2014-09-26 15:57 - 2014-09-26 15:57 - 00974968 _____ () C:\Program Files (x86)\Opera\24.0.1558.64\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-894228880-3332534058-2322090658-500 - Administrator - Disabled) Ali (S-1-5-21-894228880-3332534058-2322090658-1001 - Administrator - Enabled) => C:\Users\Ali Gast (S-1-5-21-894228880-3332534058-2322090658-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-894228880-3332534058-2322090658-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/13/2014 10:24:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version:, Zeitstempel: 0x5318d363 Name des fehlerhaften Moduls: mbamservice.exe, Version:, Zeitstempel: 0x5318d363 Ausnahmecode: 0x40000015 Fehleroffset: 0x0007da8a ID des fehlerhaften Prozesses: 0xb64 Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (10/13/2014 10:23:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version:, Zeitstempel: 0x5339cec3 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x6ec Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0 Pfad der fehlerhaften Anwendung: mbamscheduler.exe1 Pfad des fehlerhaften Moduls: mbamscheduler.exe2 Berichtskennung: mbamscheduler.exe3 Error: (10/13/2014 02:06:29 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8876 Error: (10/13/2014 02:06:29 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8876 Error: (10/13/2014 02:06:29 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/13/2014 02:06:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7878 Error: (10/13/2014 02:06:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7878 Error: (10/13/2014 02:06:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/13/2014 02:06:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6864 Error: (10/13/2014 02:06:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6864 System errors: ============= Error: (10/13/2014 10:24:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/13/2014 10:23:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/13/2014 10:23:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht. Error: (10/13/2014 10:23:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Avira Echtzeit Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/13/2014 10:23:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit Scanner erreicht. Error: (10/13/2014 10:23:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/13/2014 10:23:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht. Error: (10/13/2014 10:23:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 13.10.2014 um 22:22:14 unerwartet heruntergefahren. Error: (10/13/2014 09:22:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (10/13/2014 00:19:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {4991D34B-80A1-4291-83B6-3328366B9097} Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 53% Total physical RAM: 3998.93 MB Available physical RAM: 1866.09 MB Total Pagefile: 7996.03 MB Available Pagefile: 5562.25 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:285.21 GB) (Free:98.85 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:12.68 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 11C88990) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=285.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
CMD.exe blinkt nur kurz auf und schließt wieder [gelöst] Lade Dir bitte von hier
Scan mit Combofix
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
CMD.exe blinkt nur kurz auf und schließt wieder [gelöst]Code:
ATTFilter ComboFix 14-10-15.01 - Ali 15.10.2014 23:13:57.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3999.2480 [GMT 2:00] ausgeführt von:: C:\Users\Ali\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) C:\install.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ((((((((((((((((((((((( Dateien erstellt von 2014-09-15 bis 2014-10-15 )))))))))))))))))))))))))))))) 2014-10-15 21:23:19 . 2014-10-15 21:23:19 -------- d-----w- C:\Users\Default\AppData\Local\temp 2014-10-15 20:38:22 . 2014-10-15 20:38:22 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2014-10-15 12:38:07 . 2014-10-15 12:38:07 -------- d-----w- C:\Program Files (x86)\{74CE1B8C-8250-4AF6-89B2-29617B3C5303} 2014-10-15 12:37:58 . 2014-10-15 12:37:59 -------- d-----w- C:\Program Files\{A2213132-053F-488F-B379-694BC9A946B0} 2014-10-15 02:05:34 . 2014-09-09 02:05:58 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E6D2C61-07B6-4ADB-B3B2-70BD0E472744}\mpengine.dll 2014-10-13 20:33:18 . 2014-10-13 20:35:48 -------- d-----w- C:\FRST 2014-10-10 11:58:55 . 2014-10-13 10:32:43 122584 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-10-10 11:58:15 . 2014-05-12 05:26:10 63704 ----a-w- C:\Windows\system32\drivers\mwac.sys 2014-10-10 11:58:15 . 2014-05-12 05:26:00 91352 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys 2014-10-10 11:58:15 . 2014-05-12 05:25:56 25816 ----a-w- C:\Windows\system32\drivers\mbam.sys 2014-10-10 11:58:14 . 2014-10-10 11:58:17 -------- d-----w- C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-10 11:21:03 . 2014-10-10 12:23:37 -------- d-----w- C:\Program Files (x86)\{686F595D-16EF-4FA7-AD82-6A218799F203} 2014-10-10 11:21:01 . 2014-10-10 12:23:37 -------- d-----w- C:\Program Files\{860B872C-D118-4B58-9CD9-F2802B25A1AC} 2014-10-09 11:01:19 . 2014-10-10 11:03:20 -------- d-----w- C:\Program Files\{45854B62-D2EB-471F-AD85-0E1D7BABB5BA} 2014-10-08 23:07:14 . 2014-10-08 23:07:14 893552 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2014-10-08 23:06:48 . 2014-10-08 23:06:48 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2014-10-07 08:04:51 . 2014-10-07 12:29:28 -------- d-----w- C:\Program Files\{F853DC9C-D6C8-4A71-92F4-23F64A39B8A7} 2014-09-30 21:55:02 . 2014-09-25 02:08:38 371712 ----a-w- C:\Windows\system32\qdvd.dll 2014-09-30 21:55:01 . 2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll 2014-09-24 09:43:35 . 2014-09-24 09:43:35 -------- d-----w- C:\ProgramData\Free Download Manager 2014-09-24 09:42:43 . 2014-10-06 08:56:23 -------- d-----w- C:\Users\Ali\AppData\Roaming\Free Download Manager 2014-09-24 09:41:58 . 2014-09-24 09:42:00 -------- d-----w- C:\Program Files (x86)\Free Download Manager 2014-09-23 20:40:45 . 2014-09-09 22:11:04 2048 ----a-w- C:\Windows\system32\tzres.dll 2014-09-23 20:40:45 . 2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) 2014-10-08 23:06:44 . 2010-11-16 20:46:27 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2014-09-15 07:06:02 . 2010-06-19 13:26:10 278152 ------w- C:\Windows\system32\MpSigStub.exe 2014-09-15 01:02:07 . 2011-02-16 19:13:39 101694776 ----a-w- C:\Windows\system32\MRT.exe 2014-09-05 02:10:43 . 2014-09-14 10:04:25 578048 ----a-w- C:\Windows\system32\aepdu.dll 2014-09-05 02:05:42 . 2014-09-14 10:04:25 424448 ----a-w- C:\Windows\system32\aeinv.dll 2014-08-23 02:07:00 . 2014-08-27 22:38:42 404480 ----a-w- C:\Windows\system32\gdi32.dll 2014-08-23 01:45:55 . 2014-08-27 22:38:42 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2014-08-23 00:59:01 . 2014-08-27 22:38:43 3163648 ----a-w- C:\Windows\system32\win32k.sys 2014-08-19 18:05:24 . 2014-09-15 01:15:07 374968 ----a-w- C:\Windows\system32\iedkcs32.dll 2014-08-18 23:01:00 . 2014-09-15 01:15:05 23591424 ----a-w- C:\Windows\system32\mshtml.dll 2014-08-18 22:29:49 . 2014-09-15 01:15:11 2724864 ----a-w- C:\Windows\system32\mshtml.tlb 2014-08-18 22:29:35 . 2014-09-15 01:15:10 4096 ----a-w- C:\Windows\system32\ieetwcollectorres.dll 2014-08-18 22:20:17 . 2014-09-15 01:15:02 2793984 ----a-w- C:\Windows\system32\iertutil.dll 2014-08-18 22:19:53 . 2014-09-15 01:15:01 5833728 ----a-w- C:\Windows\system32\jscript9.dll 2014-08-18 22:15:34 . 2014-09-15 01:15:09 547328 ----a-w- C:\Windows\system32\vbscript.dll 2014-08-18 22:15:09 . 2014-09-15 01:15:08 66048 ----a-w- C:\Windows\system32\iesetup.dll 2014-08-18 22:14:38 . 2014-09-15 01:15:05 48640 ----a-w- C:\Windows\system32\ieetwproxystub.dll 2014-08-18 22:14:10 . 2014-09-15 01:15:10 83968 ----a-w- C:\Windows\system32\MshtmlDac.dll 2014-08-18 22:08:57 . 2014-09-15 01:15:08 51200 ----a-w- C:\Windows\system32\jsproxy.dll 2014-08-18 22:08:55 . 2014-09-15 01:15:00 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-08-18 22:08:08 . 2014-09-15 01:15:10 33792 ----a-w- C:\Windows\system32\iernonce.dll 2014-08-18 22:05:01 . 2014-09-15 01:15:12 596480 ----a-w- C:\Windows\system32\ieui.dll 2014-08-18 22:03:47 . 2014-09-15 01:15:10 139264 ----a-w- C:\Windows\system32\ieUnatt.exe 2014-08-18 22:03:37 . 2014-09-15 01:15:04 111616 ----a-w- C:\Windows\system32\ieetwcollector.exe 2014-08-18 22:03:01 . 2014-09-15 01:15:10 758272 ----a-w- C:\Windows\system32\jscript9diag.dll 2014-08-18 21:57:44 . 2014-09-15 01:15:11 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-08-18 21:56:17 . 2014-09-15 01:15:04 940032 ----a-w- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-18 21:51:29 . 2014-09-15 01:15:10 446464 ----a-w- C:\Windows\system32\dxtmsft.dll 2014-08-18 21:46:26 . 2014-09-15 01:15:09 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-08-18 21:45:23 . 2014-09-15 01:15:08 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-08-18 21:45:12 . 2014-09-15 01:15:10 72704 ----a-w- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-18 21:44:44 . 2014-09-15 01:15:05 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-08-18 21:44:09 . 2014-09-15 01:15:10 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2014-08-18 21:40:29 . 2014-09-15 01:15:09 195584 ----a-w- C:\Windows\system32\msrating.dll 2014-08-18 21:39:13 . 2014-09-15 01:15:08 85504 ----a-w- C:\Windows\system32\mshtmled.dll 2014-08-18 21:38:12 . 2014-09-15 01:15:10 289280 ----a-w- C:\Windows\system32\dxtrans.dll 2014-08-18 21:36:07 . 2014-09-15 01:15:10 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-08-18 21:35:24 . 2014-09-15 01:15:06 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-08-18 21:25:40 . 2014-09-15 01:15:08 727040 ----a-w- C:\Windows\system32\msfeeds.dll 2014-08-18 21:25:16 . 2014-09-15 01:15:08 707072 ----a-w- C:\Windows\system32\ie4uinit.exe 2014-08-18 21:23:17 . 2014-09-15 01:15:00 2104832 ----a-w- C:\Windows\system32\inetcpl.cpl 2014-08-18 21:23:16 . 2014-09-15 01:15:04 1249280 ----a-w- C:\Windows\system32\mshtmlmedia.dll 2014-08-18 21:22:48 . 2014-09-15 01:15:06 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-08-18 21:16:25 . 2014-09-15 01:14:58 13588480 ----a-w- C:\Windows\system32\ieframe.dll 2014-08-18 21:15:13 . 2014-09-15 01:15:02 2310656 ----a-w- C:\Windows\system32\wininet.dll 2014-08-18 21:08:54 . 2014-09-15 01:15:00 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-08-18 21:07:44 . 2014-09-15 01:15:04 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2014-08-18 20:55:05 . 2014-09-15 01:15:00 1447424 ----a-w- C:\Windows\system32\urlmon.dll 2014-08-18 20:46:48 . 2014-09-15 01:15:01 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-08-18 20:38:41 . 2014-09-15 01:15:05 775168 ----a-w- C:\Windows\system32\ieapfltr.dll 2014-08-01 11:53:22 . 2014-09-14 10:10:01 1031168 ----a-w- C:\Windows\system32\TSWorkspace.dll 2014-08-01 11:35:06 . 2014-09-14 10:10:01 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll 2014-07-25 00:35:46 . 2014-07-25 00:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll 2014-07-24 21:47:06 . 2014-07-24 21:47:06 869544 ----a-w- C:\Windows\system32\msvcr120_clr0400.dll |
![]() | #13 |
CMD.exe blinkt nur kurz auf und schließt wieder [gelöst] Whoami, hast du eigentlich auf den Treffer "cmd.exe", den dir die Startsuche liefert, nur geklickt, oder hast du mit der rechten Maustaste draufgeklickt und "Als Administrator starten" gewählt, wie man es soll?
__________________ . Intel Core i3 540, 8 GB RAM, 2 SATA-HDD je 640 GB, Win7 64-Bit mit Classic Shell von Ivo Beltchev, Microsoft Security Essentials, WinPatrol PLUS, Fx 68.0.1 mit NoScript, Tb 60.8.0 (POP3) |
CMD.exe blinkt nur kurz auf und schließt wieder [gelöst]
Downloade Dir bitte
Downloade Dir bitte
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
![]() Downloade Dir bitte ![]()
Downloade Dir bitte ![]()
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu CMD.exe blinkt nur kurz auf und schließt wieder
ask toolbar entfernen, blinkt, fehlercode 0x40000015, fehlercode 22, leute, pdf reader packages entfernen, snap.do engine entfernen, snap.do entfernen, sofort, this device is disabled. (code 22), öffnen