| |
| |||||||
Log-Analyse und Auswertung: Frst und addition logfilesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.11.2014, 12:11
| #1 |
 |  Frst und addition logfiles VIELEN DANK IM VORAUS FÜR EURE HILFE HOFFE ES IST RICHTIG WIE ICH ES GEMACHT HABE Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01 Ran by mario (administrator) on MARIO-PC on 13-11-2014 18:23:24 Running from C:\Users\mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXNLI2QR Loaded Profiles: mario & UpdatusUser (Available profiles: mario & UpdatusUser) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (mst software GmbH, Germany) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfSdkS.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (Teruten) C:\Windows\System32\FsUsbExService.Exe () C:\ProgramData\DatacardService\HWDeviceService.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Ashampoo Development GmbH & Co. KG) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTuner.exe (Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Google) C:\Program Files\Google\Drive\googledrivesync.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (Skillbrains) C:\Users\mario\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira) C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Google) C:\Program Files\Google\Drive\googledrivesync.exe (Dropbox, Inc.) C:\Users\mario\AppData\Roaming\Dropbox\bin\Dropbox.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8092192 2009-11-17] (Realtek Semiconductor) HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTuner.exe [2656680 2011-09-28] (Ashampoo Development GmbH & Co. KG) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1810496 2014-04-24] (1und1 Mail und Media GmbH) HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [EPSON1A5D7B (Epson Stylus SX420W)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [200704 2009-09-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2009-04-02] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [EPSON SX420W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [200704 2009-09-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [Facebook Update] => C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-02] (Facebook Inc.) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [LightShot] => C:\Users\mario\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] () HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [AviraSpeedup] => C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-10-03] (Avira) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-11-07] (Google Inc.) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: {2e6f69a6-e937-11e1-bbef-001e101f7f74} - E:\AutoRun.exe HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: {b0f9344c-df70-11d4-9acf-00a0d1ad0be0} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\index.html HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: {b817d815-e92d-11e1-95fe-00a0d1ad0be0} - E:\AutoRun.exe HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: {b817d82c-e92d-11e1-95fe-00a0d1ad0be0} - E:\AutoRun.exe HKU\S-1-5-21-943191095-2846990741-2943127497-1001\...\MountPoints2: {b817d84b-e92d-11e1-95fe-00a0d1ad0be0} - E:\AutoRun.exe HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-10-03] (Avira) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\mario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) BootExecute: autocheck autochk * bootdelete GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4C56FBDE1CBCCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ&q={searchTerms} URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) HKU\S-1-5-21-943191095-2846990741-2943127497-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1409769840&from=tugs&uid=ST9500325AS_5VE0Z7EZXXXX5VE0Z7EZ SearchScopes: HKCU - {22FAACBA-E5CE-4A7E-8C1A-32B5C840F4D9} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {462DBD11-50B6-4729-A19B-6CEFEB16DCD0} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKCU - {4B0E8FA1-5355-41B8-981D-A32F6C1D8362} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKCU - {99F56934-85E6-4298-83E6-529910F9802A} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKCU - {C3FB7335-8FD3-46D3-BDFD-9A923343E753} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKCU - {C89738FB-E293-45FF-92B5-01EF65686D1B} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyHBv6JC2&i=26 SearchScopes: HKCU - {FC7E5970-0E3B-43FA-80E5-7D4E0290DA1B} URL = https://www.google.com/search?q={searchTerms} BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{5863A184-9385-4DFA-BFB2-A6562BDC40C0}: [NameServer] 212.52.97.25 193.70.152.25 Tcpip\..\Interfaces\{95112B73-AD06-42EF-A679-B7309AE7DC15}: [NameServer] 212.52.97.25 193.70.152.25 Tcpip\..\Interfaces\{9D70F6C1-8888-4D2B-A03E-3F30228CDCD5}: [NameServer] 193.70.152.25 212.52.97.25 FireFox: ======== FF ProfilePath: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: www.facebook.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\searchplugins\babylon1.xml FF SearchPlugin: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Browsers App - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\herman.thorne45@outlook.com [2014-10-03] FF Extension: WEB.DE MailCheck - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\toolbar@web.de [2014-10-03] FF Extension: DVDVideoSoftTB - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2014-09-03] FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-11-01] FF Extension: midikar - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\{e97a8b1d-ea32-4839-9c97-b92ab27cb15e} [2014-11-13] FF Extension: ProxTube - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\t3k3gzn5.default\Extensions\ich@maltegoetz.de.xpi [2014-10-11] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-13] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-13] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2001-01-01] Chrome: ======= CHR HomePage: Default -> https://www.facebook.com/logout.php CHR StartupUrls: Default -> "https://www.facebook.com/index.php?stype=lo&lh=Ac8dWS5ReYw4q_9A" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :inputType}{google:cursorPosition}{google:currentPageUrl}{google  ageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}s ugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-20] CHR Extension: (Google Docs) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-20] CHR Extension: (Google Drive) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-20] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-20] CHR Extension: (YouTube) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-20] CHR Extension: (Google-Suche) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-20] CHR Extension: (Google Tabellen) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-20] CHR Extension: (Avira Browser Safety) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-26] CHR Extension: (Avira SafeSearch) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2014-10-26] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-11] CHR Extension: (Google Wallet) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-20] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-10-20] CHR Extension: (Google Mail) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-20] CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG) R2 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed] R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed] R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed] R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed] S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-03] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-03] (globalUpdate) [File not signed] R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-11-13] (SurfRight B.V.) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [246112 2012-08-18] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed] R2 WO_LiveService; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [885160 2011-09-28] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 51110541; C:\Windows\System32\DRIVERS\51110541.sys [128016 2009-09-25] (Kaspersky Lab) R0 51110542; C:\Windows\System32\DRIVERS\51110542.sys [37392 2009-10-22] (Kaspersky Lab) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG) R2 EpmPsd; C:\Windows\system32\drivers\epm-psd.sys [4096 2004-07-19] (Acer Value Labs, USA) [File not signed] R2 EpmShd; C:\Windows\system32\drivers\epm-shd.sys [78208 2005-04-07] (Acer Value Labs, USA) [File not signed] R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed] R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.) R2 LiveTunerPM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor32.sys [12696 2011-03-08] () R1 setup_9.0.0.722_17.12.2011_15-25drv; C:\Windows\System32\DRIVERS\5111054.sys [311312 2009-10-09] (Kaspersky Lab) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH) S3 TTCinergyT2; C:\Windows\System32\drivers\TTCinergyT2BDA.sys [22528 2005-10-06] (TerraTec Electronic GmbH) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed] S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [106752 2011-01-13] (ZTE Incorporated) S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X] S3 ute4njq3; \??\C:\Windows\system32\Drivers\ute4njq3.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-13 18:37 - 2014-11-13 18:37 - 00000000 ____D () C:\31cd9b6eea04efa7fe74 2014-11-13 18:37 - 2014-11-13 18:37 - 00000000 _____ () C:\Users\mario\Downloads\avira-eu-cleaner_de_exe.82d1sna.partial 2014-11-13 18:30 - 2014-11-13 18:30 - 00045928 _____ () C:\Windows\system32\.crusader 2014-11-13 18:24 - 2014-11-13 18:24 - 00000000 _____ () C:\Users\mario\Downloads\hmpalert_exe.vo44ku4.partial 2014-11-13 18:23 - 2014-11-13 18:23 - 00000000 ____D () C:\FRST 2014-11-13 18:20 - 2014-11-13 18:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-13 18:19 - 2014-11-13 18:19 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-11-13 18:13 - 2014-11-13 18:13 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk 2014-11-13 18:13 - 2014-11-13 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2014-11-13 18:13 - 2014-11-13 18:13 - 00000000 ____D () C:\Program Files\HitmanPro 2014-11-13 18:12 - 2014-11-13 18:30 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-11-13 18:12 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-13 18:12 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-13 18:12 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-13 18:12 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-13 18:12 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-13 18:12 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-13 18:12 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-13 18:12 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-13 18:12 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-13 18:12 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-13 18:12 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-13 18:12 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-13 18:12 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-13 18:12 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-13 18:11 - 2014-11-13 18:12 - 10284408 _____ (SurfRight B.V.) C:\Users\mario\Downloads\hitmanpro.exe 2014-11-13 18:11 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-13 18:11 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-13 18:11 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-13 18:11 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-13 18:11 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-13 18:11 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-13 18:11 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-13 18:11 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-13 18:11 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-13 18:11 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-13 18:11 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-13 18:11 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-13 18:11 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-13 18:11 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-13 18:11 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-13 18:11 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-13 18:11 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-13 18:11 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 18:11 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-13 18:11 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-13 18:11 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-13 18:11 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-13 18:11 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-13 18:11 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-13 18:11 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-13 18:11 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-13 18:11 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-13 18:11 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-13 18:11 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-13 18:11 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-13 18:11 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-13 18:11 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-13 18:11 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-13 18:11 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-13 18:11 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-13 18:11 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-13 18:11 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-13 18:01 - 2014-11-13 18:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak 2014-11-13 17:56 - 2014-11-13 17:56 - 00000000 __SHD () C:\Users\mario\AppData\Local\EmieBrowserModeList 2014-11-13 17:52 - 2014-11-13 17:54 - 00000112 _____ () C:\Windows\setupact.log 2014-11-13 17:52 - 2014-11-13 17:52 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-07 18:41 - 2014-11-08 18:48 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-07 18:41 - 2014-11-07 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-01 17:26 - 2014-11-01 17:27 - 36865528 _____ () C:\Users\mario\Downloads\WEB.DE_Firefox_Setup.exe 2014-11-01 17:25 - 2014-11-13 17:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-01 17:25 - 2014-11-01 17:25 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-01 17:25 - 2014-11-01 17:25 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-10-26 16:01 - 2014-10-26 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-10-26 16:01 - 2014-10-26 16:01 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-10-20 18:49 - 2014-10-20 18:49 - 00000000 ____D () C:\Users\mario\AppData\Roaming\Opera Software 2014-10-20 18:49 - 2014-10-20 18:49 - 00000000 ____D () C:\Users\mario\AppData\Local\Opera Software 2014-10-20 18:47 - 2014-10-20 18:47 - 00868168 _____ (Opera Software) C:\Users\mario\Downloads\Opera_NI_stable.exe 2014-10-20 18:22 - 2014-10-26 16:01 - 00002016 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-10-20 18:22 - 2014-10-26 16:01 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-10-20 18:13 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-20 18:13 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-20 18:13 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-20 18:13 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-20 18:13 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-10-20 18:13 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-10-20 18:13 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-20 18:13 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-20 18:13 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-20 18:13 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-20 18:13 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-20 18:13 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-20 18:13 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-20 18:13 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-14 17:34 - 2014-10-14 17:34 - 00210775 _____ () C:\Users\mario\Downloads\7W8NY.zip 2014-10-14 17:28 - 2014-10-14 17:28 - 00000000 ____D () C:\Users\mario\Documents\EBAY 2014-10-14 15:46 - 2014-11-01 17:14 - 00001099 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-10-14 15:45 - 2014-10-14 15:45 - 00323672 _____ (Dropbox, Inc.) C:\Users\mario\Downloads\DropboxInstaller.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-13 18:52 - 2014-01-24 21:56 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-13 18:51 - 2014-01-25 22:23 - 00000376 _____ () C:\Windows\Tasks\update-S-1-5-21-943191095-2846990741-2943127497-1001.job 2014-11-13 18:41 - 2012-05-06 19:09 - 00069120 ___SH () C:\Users\mario\Documents\Thumbs.db 2014-11-13 18:38 - 2013-08-15 10:06 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 18:37 - 2001-01-01 00:07 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-13 18:35 - 2012-05-01 15:12 - 03550720 ___SH () C:\Users\mario\Downloads\Thumbs.db 2014-11-13 18:34 - 2013-09-02 14:29 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-943191095-2846990741-2943127497-1001UA.job 2014-11-13 18:29 - 2014-09-03 19:47 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-11-13 18:19 - 2014-09-10 16:19 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-13 18:17 - 2014-09-10 16:18 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-11-13 18:17 - 2014-09-10 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-13 18:17 - 2001-01-01 15:13 - 00000000 ____D () C:\Program Files\Java 2014-11-13 18:10 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-13 18:04 - 2011-12-16 18:38 - 01431970 _____ () C:\Windows\WindowsUpdate.log 2014-11-13 18:04 - 2009-07-14 05:34 - 00022576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-13 18:04 - 2009-07-14 05:34 - 00022576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-13 18:00 - 2014-04-28 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 18:00 - 2011-12-16 18:54 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-13 17:59 - 2012-04-04 17:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-13 17:59 - 2012-04-04 17:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-13 17:59 - 2012-02-06 19:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-13 17:57 - 2013-10-19 13:04 - 00000000 ___RD () C:\Users\mario\Dropbox 2014-11-13 17:57 - 2013-10-19 13:02 - 00000000 ____D () C:\Users\mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-11-13 17:57 - 2013-10-19 12:57 - 00000000 ____D () C:\Users\mario\AppData\Roaming\Dropbox 2014-11-13 17:56 - 2014-01-24 22:01 - 00000000 ___RD () C:\Users\mario\Google Drive 2014-11-13 17:55 - 2014-09-03 19:49 - 00002750 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-1.job 2014-11-13 17:55 - 2014-09-03 19:49 - 00002422 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5_user.job 2014-11-13 17:55 - 2014-09-03 19:49 - 00002422 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.job 2014-11-13 17:55 - 2014-09-03 19:47 - 00003446 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-6.job 2014-11-13 17:55 - 2014-09-03 19:47 - 00003446 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-4.job 2014-11-13 17:55 - 2014-09-03 19:47 - 00003110 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-7.job 2014-11-13 17:55 - 2014-09-03 19:46 - 00004472 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-11.job 2014-11-13 17:55 - 2014-09-03 19:46 - 00003110 _____ () C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-3.job 2014-11-13 17:55 - 2014-09-03 19:46 - 00000898 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-11-13 17:55 - 2014-01-24 21:56 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-13 17:55 - 2012-11-10 12:00 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-11-13 17:54 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-13 17:54 - 2009-07-14 05:33 - 00289816 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 17:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-11-08 18:32 - 2011-12-16 19:10 - 00000000 ____D () C:\Users\mario\AppData\Local\Google 2014-11-07 18:42 - 2014-08-14 23:48 - 00000000 ____D () C:\Users\mario\AppData\Local\Adobe 2014-11-07 18:42 - 2012-02-06 18:47 - 00000000 ____D () C:\ProgramData\Google 2014-11-07 18:42 - 2011-12-16 19:10 - 00000000 ____D () C:\Program Files\Google 2014-11-07 17:52 - 2014-01-24 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-01 17:14 - 2014-03-14 18:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-01 17:14 - 2014-03-14 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-01 17:14 - 2014-03-14 18:40 - 00000000 ____D () C:\Program Files\Avira 2014-10-31 16:55 - 2014-01-25 22:23 - 00000376 _____ () C:\Windows\Tasks\update-sys.job 2014-10-26 16:49 - 2012-11-05 20:20 - 00000000 ___RD () C:\Users\mario\Desktop\karaoke 2014-10-26 16:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-10-26 16:15 - 2011-12-18 12:13 - 00000000 ____D () C:\Program Files\Opera 2014-10-20 18:30 - 2014-08-28 19:29 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-10-20 18:30 - 2014-08-28 19:29 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-20 17:59 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-14 18:01 - 2012-07-21 17:59 - 00352256 ___SH () C:\Users\mario\Desktop\Thumbs.db 2014-10-14 17:39 - 2012-06-15 22:34 - 00000000 ____D () C:\Users\mario\Desktop\fotos allgemein 2014-10-14 15:37 - 2014-03-23 10:37 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-14 15:37 - 2014-03-14 18:43 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-14 15:37 - 2014-03-14 18:43 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Files to move or delete: ==================== C:\Users\mario\start32bitprogram.exe Some content of TEMP: ==================== C:\Users\mario\AppData\Local\Temp\avgnt.exe C:\Users\mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphzt_4y.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-11 17:54 ==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-11-2014 01 Ran by mario at 2014-11-13 18:24:53 Running from C:\Users\mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXNLI2QR Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.) AnalogX Vocal Remover (HKLM\...\AnalogX Vocal Remover) (Version: - AnalogX) Ashampoo WinOptimizer 8 v.8.13 (HKLM\...\Ashampoo WinOptimizer 8_is1) (Version: 8.1.3 - Ashampoo GmbH & Co. KG) Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Avira System Speedup (HKLM\...\AviraSpeedup) (Version: 1.3.1.9970 - Avira System Speedup) BtwMfcMM (HKLM\...\{D5B46D30-F054-4C64-9C0F-97C8451E7D04}) (Version: 6.00.0000 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cinergy XS Series V5.09.0304.00a (HKLM\...\Cinergy XS Series) (Version: 5.09.0304.00a - ) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC) DVBViewer TERRATEC Edition (HKLM\...\DVBViewer TERRATEC Edition_is1) (Version: - CM&V) DVDVideoSoftTB Toolbar for IE (HKLM\...\IECT2269050) (Version: 6.20.0.10 - DVDVideoSoftTB) Epson Easy Photo Print 2 (HKLM\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free Studio version 5.3.2 (HKLM\...\Free Studio_is1) (Version: - DVDVideoSoft Ltd.) Free Video to Samsung Phones Converter version 5.0.20.1031 (HKLM\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.20.1031 - DVDVideoSoft Ltd.) Free YouTube Download version 3.1.39.1015 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden KaraFun 1.18 (HKLM\...\KaraFun_is1) (Version: - Recisio) KaraokeMedia Home PC (Version: 1.0.0 - ECLIPSE PRODUCCIONES S.L) Hidden K-Lite Codec Pack 6.1.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.1.0 - ) Lightshot-5.1.4.17 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.17 - Skillbrains) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{908C5B2E-D684-425E-A54D-FE77D5C5A076}) (Version: 16.4.1970.0624 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 21.003.25.02.51 - Huawei Technologies Co.,Ltd) Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia) Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photomizer (HKLM\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.0.10.0827 - Engelmann Media GmbH) PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5983 - Realtek Semiconductor Corp.) RMPrepUSB (HKLM\...\RMPrepUSB) (Version: - ) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung) Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) vanBasco's Karaoke Player (HKLM\...\VMidi) (Version: - ) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden WEB.DE Desktop Icons (HKLM\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH) WEB.DE MailCheck für Internet Explorer (HKLM\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.5.1.0 - 1&1 Mail & Media GmbH) WEB.DE Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{55cbb4a1-515f-5947-9e5e-931ec3e954ea}\InprocServer32 -> C:\Users\mario\AppData\Local\PagePlace\npPagePlaceStarter.dll (Deutsche Telekom AG) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\mario\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\InprocServer32 -> C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\mario\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\mario\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}\InprocServer32 -> C:\Users\mario\AppData\LocalLow\DVDVideoSoftTB\prxtbDVDV.dll (ClientConnect Ltd.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\mario\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-943191095-2846990741-2943127497-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 20-10-2014 17:24:52 Windows Update 13-11-2014 16:58:05 Windows Update 13-11-2014 17:11:32 Prüfpunkt von HitmanPro 13-11-2014 17:28:07 Prüfpunkt von HitmanPro 13-11-2014 17:29:35 Prüfpunkt von HitmanPro 13-11-2014 17:35:28 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03CB802F-112B-49F3-87DB-868B62B43716} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-4 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-4.exe <==== ATTENTION Task: {082530D3-26DA-42B3-96CB-6F6842A4AB66} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {12758D70-1112-415E-8C53-061DDA7066D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-24] (Google Inc.) Task: {1AE3379E-7DC5-4FB8-BD37-57D955021049} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-943191095-2846990741-2943127497-1001UA => C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-02] (Facebook Inc.) Task: {1DD25F6A-C164-4FAE-B82F-68B9922D3CA0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-09-03] (globalUpdate) <==== ATTENTION Task: {23225D99-23E9-4883-8B96-7D892214EFC7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {28D377D4-0EDD-4B6C-895D-F486311630C6} - System32\Tasks\VisualBeeRecovery => C:\Users\mario\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe [2012-03-14] () <==== ATTENTION Task: {2A58B47A-EA43-4758-9D74-A3627E22DBCA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-943191095-2846990741-2943127497-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {2CEC042C-FB6F-4980-AF79-C31880B2D054} - System32\Tasks\AviraSpeedup => C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe [2014-10-03] (Avira) Task: {32007FB4-69E9-4260-8717-653C6A7C9CB0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {33F3912B-B39F-437F-8007-92C30BCDBD78} - System32\Tasks\{554D785F-1C63-4CC7-90FF-EA80F1D498A6} => C:\Users\mario\Desktop\wichtig\OpenOffice.org 3.3 (de) Installation Files\java\jre-windows-i586.exe [2011-01-19] (Sun Microsystems, Inc.) Task: {3F40672C-8952-433E-A489-CC0B423DBAB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {458797B4-917C-4936-A94F-72AAFEA7DA2C} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {5423B9D1-D22C-44A4-8EC4-F43EAD894DA2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {564DE98C-ED8F-43C7-9913-94D891948E88} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.exe <==== ATTENTION Task: {6F4B03CE-18C9-4472-A441-8B1678289726} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated) Task: {7588A398-1D8B-4835-ACCB-13CD95AB0395} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH) Task: {77F73005-7BA9-4A2D-96FE-FADAA67DC60A} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-1 => C:\Program Files\Browsers Apps -\Browsers Apps --codedownloader.exe <==== ATTENTION Task: {788239D0-5E3C-4089-9EE3-C5367895B28B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-09-03] (globalUpdate) <==== ATTENTION Task: {7A709350-60B9-4591-B61B-2580565ECAD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-24] (Google Inc.) Task: {8A8F676A-92F1-45C9-9729-A40E5A3C65F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {92C81F91-BE25-4066-91CB-4100579C1613} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-3 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-3.exe <==== ATTENTION Task: {B60431CF-BBE2-4EBE-9B4C-2A998108AE2F} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-7 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-7.exe <==== ATTENTION Task: {C1F7D1B8-EFD9-4526-8930-F4983B5586EB} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-11 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-11.exe <==== ATTENTION Task: {D0BD6414-F12F-442F-896F-C8005C5E9FD0} - System32\Tasks\update-S-1-5-21-943191095-2846990741-2943127497-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {D1EBA97C-223E-482C-BA1B-BFE26EB10296} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-943191095-2846990741-2943127497-1001Core => C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-02] (Facebook Inc.) Task: {D7CE95B5-D30E-461E-BDA7-0AB604C44D48} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-943191095-2846990741-2943127497-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {D8F28C98-84ED-490E-848B-B998C299BD65} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5_user => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.exe <==== ATTENTION Task: {E6A0B6EE-36B8-41DE-AEDC-4C8557796757} - System32\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-6 => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-6.exe <==== ATTENTION Task: {EFBF8436-50D1-404B-ADCF-71BDEBF3D84C} - System32\Tasks\{5B97EEF1-A9C5-4A44-AE4F-4B760011545E} => C:\Users\mario\Desktop\wichtig\OpenOffice.org 3.3 (de) Installation Files\java\jre-windows-i586.exe [2011-01-19] (Sun Microsystems, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-1.job => C:\Program Files\Browsers Apps -\Browsers Apps --codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-11.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-11.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-3.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-3.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-4.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-4.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5_user.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-5.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-6.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-6.exe <==== ATTENTION Task: C:\Windows\Tasks\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-7.job => C:\Program Files\Browsers Apps -\f25128c7-bbfe-4598-b1d8-0fd17d6e8375-7.exe <==== ATTENTION Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-943191095-2846990741-2943127497-1001Core.job => C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-943191095-2846990741-2943127497-1001UA.job => C:\Users\mario\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-943191095-2846990741-2943127497-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-14 16:27 - 2011-03-14 16:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe 2012-08-18 13:15 - 2012-08-18 13:14 - 00246112 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2012-08-18 13:15 - 2012-08-18 13:14 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2012-08-18 13:15 - 2012-08-18 13:14 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2012-08-18 13:15 - 2012-08-18 13:14 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2012-08-18 13:15 - 2012-08-18 13:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2012-08-18 13:15 - 2012-08-18 13:14 - 00384512 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2012-08-18 13:15 - 2012-08-18 13:14 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2001-01-01 05:01 - 2011-09-28 09:45 - 00885160 _____ () C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe 2012-12-18 18:57 - 2013-08-30 00:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-13 17:55 - 2014-11-13 17:55 - 00098816 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32api.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00110080 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\pywintypes27.dll 2014-11-13 17:55 - 2014-11-13 17:55 - 00364544 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\pythoncom27.dll 2014-11-13 17:55 - 2014-11-13 17:55 - 00045568 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_socket.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 01160704 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_ssl.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00320512 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32com.shell.shell.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00713216 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_hashlib.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 01175040 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._core_.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00805888 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._gdi_.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00811008 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._windows_.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 01062400 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._controls_.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00735232 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._misc_.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00128512 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_elementtree.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00127488 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\pyexpat.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00557056 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\pysqlite2._sqlite.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00087552 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_ctypes.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00119808 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32file.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00108544 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32security.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00007168 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\hashobjs_ext.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00167936 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32gui.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00018432 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32event.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00038912 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32inet.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00011264 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32crypt.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00070656 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._html2.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00027136 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\_multiprocessing.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00035840 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32process.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00686080 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\unicodedata.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00122368 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._wizard.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00024064 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32pipe.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00025600 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32pdh.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00525640 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\windows._lib_cacheinvalidation.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00010240 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\select.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00017408 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32profile.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00022528 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\win32ts.pyd 2014-11-13 17:55 - 2014-11-13 17:55 - 00078336 _____ () C:\Users\mario\AppData\Local\Temp\_MEI35082\wx._animate.pyd 2014-11-13 17:56 - 2014-11-13 17:56 - 00043008 _____ () c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphzt_4y.dll 2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\mario\AppData\Roaming\Dropbox\bin\libcef.dll 2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-943191095-2846990741-2943127497-500 - Administrator - Disabled) Gast (S-1-5-21-943191095-2846990741-2943127497-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-943191095-2846990741-2943127497-1008 - Limited - Enabled) mario (S-1-5-21-943191095-2846990741-2943127497-1001 - Administrator - Enabled) => C:\Users\mario UpdatusUser (S-1-5-21-943191095-2846990741-2943127497-1005 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/13/2014 05:58:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17420, Zeitstempel: 0x545ad233 Name des fehlerhaften Moduls: nvd3dum.dll, Version: 9.18.13.2702, Zeitstempel: 0x521fbdc1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00697af3 ID des fehlerhaften Prozesses: 0x1524 Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0 Pfad der fehlerhaften Anwendung: iexplore.exe1 Pfad des fehlerhaften Moduls: iexplore.exe2 Berichtskennung: iexplore.exe3 Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x0000014c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,01D9FAF0.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009c4,(null),0,REG_BINARY,0498F170.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Generatorname: MSSearch Service Writer Generatorinstanz-ID: {cc3f4313-4eba-4fbf-8702-5ef03b72e175} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000007d4,(null),0,REG_BINARY,018FEBF8.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Generatorname: WMI Writer Generatorinstanz-ID: {7f6105d1-3504-48e4-b88c-fcad8cfbfa7b} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000004b0,(null),0,REG_BINARY,0309EA98.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {6c0a7c25-135f-468a-bd78-637ea44f3b1e} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000007d4,(null),0,REG_BINARY,018FEBE4.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Generatorname: WMI Writer Generatorinstanz-ID: {7f6105d1-3504-48e4-b88c-fcad8cfbfa7b} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001f4,(null),0,REG_BINARY,0102F638.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {46240fb9-d5ee-44f5-ba12-3feda14c5a04} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009c4,(null),0,REG_BINARY,0498F15C.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Generatorname: MSSearch Service Writer Generatorinstanz-ID: {cc3f4313-4eba-4fbf-8702-5ef03b72e175} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000004b0,(null),0,REG_BINARY,0309EA84.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {6c0a7c25-135f-468a-bd78-637ea44f3b1e} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001a8,(null),0,REG_BINARY,00DCF6B8.64)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {42e004be-5b65-46d4-81c4-14072086eed5} System errors: ============= Error: (11/13/2014 05:56:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/13/2014 05:54:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/13/2014 05:54:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht. Error: (11/13/2014 05:59:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/13/2014 05:57:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit folgendem dienstspezifischem Fehler beendet: %%0. Error: (11/13/2014 05:54:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/13/2014 05:53:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/13/2014 05:53:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht. Error: (11/13/2014 06:29:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (11/13/2014 06:29:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Microsoft Office Sessions: ========================= Error: (11/13/2014 05:58:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.17420545ad233nvd3dum.dll9.18.13.2702521fbdc1c000000500697af3152401cfff6322663768C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\nvd3dum.dll50cec5db-6b56-11e4-932c-00a0d1ad0be0 Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x0000014c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,01D9FAF0.64)0x80070005, Zugriff verweigert Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000009c4,(null),0,REG_BINARY,0498F170.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Generatorname: MSSearch Service Writer Generatorinstanz-ID: {cc3f4313-4eba-4fbf-8702-5ef03b72e175} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000007d4,(null),0,REG_BINARY,018FEBF8.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Generatorname: WMI Writer Generatorinstanz-ID: {7f6105d1-3504-48e4-b88c-fcad8cfbfa7b} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000004b0,(null),0,REG_BINARY,0309EA98.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {6c0a7c25-135f-468a-bd78-637ea44f3b1e} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000007d4,(null),0,REG_BINARY,018FEBE4.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Generatorname: WMI Writer Generatorinstanz-ID: {7f6105d1-3504-48e4-b88c-fcad8cfbfa7b} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000001f4,(null),0,REG_BINARY,0102F638.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {46240fb9-d5ee-44f5-ba12-3feda14c5a04} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000009c4,(null),0,REG_BINARY,0498F15C.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Generatorname: MSSearch Service Writer Generatorinstanz-ID: {cc3f4313-4eba-4fbf-8702-5ef03b72e175} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000004b0,(null),0,REG_BINARY,0309EA84.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {6c0a7c25-135f-468a-bd78-637ea44f3b1e} Error: (11/13/2014 06:30:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000001a8,(null),0,REG_BINARY,00DCF6B8.64)0x80070005, Zugriff verweigert Vorgang: BackupShutdown-Ereignis Kontext: Ausführungskontext: Writer Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {42e004be-5b65-46d4-81c4-14072086eed5} CodeIntegrity Errors: =================================== Date: 2014-01-24 21:39:55.566 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 19:41:39.944 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 19:41:21.676 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 19:43:05.386 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 19:42:17.164 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz Percentage of memory in use: 48% Total physical RAM: 3068.96 MB Available physical RAM: 1583.61 MB Total Pagefile: 6136.22 MB Available Pagefile: 4220.81 MB Total Virtual: 2047.88 MB Available Virtual: 1906.34 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:465.76 GB) (Free:231.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DVDVolume) (CDROM) (Total:4.01 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4EBF5754) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
Baum-Darstellung