Log analysis and evaluation: Tabs load on their own with advertising in all browsers on W7 32bit (Windows 7)
15.04.2015, 13:16 | #1 |
Tabs load on their own with advertising in all browsers on W7 32bit

Hi everyone, in all browsers, tabs load on their own with advertising. Sometimes up to 10 directly one after another. Mostly ptp24 dot com. I have the problem on 2 other computers with W7 64bit and XP as well. I am asking for help, as I am not getting anywhere with the well-known programs. My system is a W7 32bit. I use AVG as my antivirus program. Here are the first log files.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:29 on 15/04/2015 (VB)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 Ran by VB (administrator) on THINKPAD_X61 on 15-04-2015 12:36:50 Running from C:\Users\VB\Desktop Loaded Profiles: VB (Available profiles: VB) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files\AVG\AVG2015\avgemcx.exe () C:\Program Files\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe () C:\Program Files\Join Air\AssistantServices.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files\Join Air\UIExec.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Fred's Software) C:\Program Files\PrintKey2000\Printkey2000.exe (Dropbox, Inc.) C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (telegate MEDIA AG) C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE (Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE (Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TrackPointSrv] => C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [95264 2011-11-01] (Lenovo Group Limited) HKLM\...\Run: [] => [X] HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [338216 2013-06-20] (Lenovo.) HKLM\...\Run: [UIExec] => C:\Program Files\Join Air\UIExec.exe [138072 2010-04-27] () HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.) HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) 
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.) HKLM\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {09af47db-ac51-11e4-a974-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Vertriebsportal.exe HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {5d7880e2-f505-11e2-9c5b-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Vertriebsportal.exe HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {8f3eb0a2-b334-11e3-add6-001d729afb15} - Explorer.exe UserGuild.htm HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-23] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage 
Fingerprint Software\psqlpwd.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk ShortcutTarget: Printkey2000.lnk -> C:\Program Files\PrintKey2000\Printkey2000.exe (Fred's Software) Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\klickTel OEM Herbst 2012 - Schnellstarter.lnk ShortcutTarget: klickTel OEM Herbst 2012 - Schnellstarter.lnk -> C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe (telegate MEDIA AG) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001 -> DefaultScope {BCCA108C-500D-4861-8772-C7205C900E67} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001 -> {BCCA108C-500D-4861-8772-C7205C900E67} URL = https://www.google.com/search?q={searchTerms} BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\VB\AppData\Roaming\Mozilla\Firefox\Profiles\74wxll2b.default-1424900660657 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF Extension: Adblock Edge - C:\Users\VB\AppData\Roaming\Mozilla\Firefox\Profiles\74wxll2b.default-1424900660657\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-03-11] Chrome: ======= CHR Profile: C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23] CHR Extension: (Google Docs) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23] CHR Extension: (Google Drive) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23] CHR Extension: (YouTube) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23] CHR Extension: (Google Search) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23] CHR Extension: (Google Sheets) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23] CHR Extension: (Google Wallet) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23] CHR Extension: (Gmail) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) 
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries) R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo Group Limited) S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664808 2013-06-26] (Lenovo Group Limited) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [49136 2015-03-27] () R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (Lenovo Group Limited) R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [247152 2010-04-27] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) 
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.) R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [24872 2011-11-01] (Lenovo Group Limited) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-15 12:15 - 2015-04-15 12:15 - 00000056 _____ () C:\Windows\setupact.log 2015-04-15 12:15 - 2015-04-15 12:15 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-13 17:57 - 2015-04-13 17:57 - 00000000 ____D () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4 2015-04-13 17:55 - 2015-04-13 17:56 - 11938322 _____ () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4.zip 2015-04-13 17:49 - 2015-04-13 17:50 - 02347384 _____ (ESET) C:\Users\VB\Downloads\esetsmartinstaller_deu(1).exe 2015-04-09 11:56 - 2015-04-09 11:57 - 00031075 _____ () C:\Users\VB\Desktop\Addition.txt 2015-04-09 11:54 - 2015-04-15 12:37 - 00017784 _____ () C:\Users\VB\Desktop\FRST.txt 2015-04-09 11:50 - 2015-04-15 12:31 - 01136640 _____ (Farbar) C:\Users\VB\Desktop\FRST.exe 2015-04-09 11:50 - 2015-04-15 12:29 - 00000466 _____ () C:\Users\VB\Desktop\defogger_disable.log 2015-04-09 11:50 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Desktop\Gmer-19357(1).exe 2015-04-09 11:50 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Desktop\Defogger.exe 2015-04-09 11:50 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Desktop\OTL.exe 2015-04-09 11:41 - 2015-04-09 11:54 - 00010610 _____ () C:\Users\VB\Desktop\gmer.log 2015-04-09 10:57 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Downloads\Gmer-19357(1).exe 2015-04-09 10:50 - 2015-04-09 10:52 - 00026765 _____ () C:\Users\VB\Downloads\Addition.txt 2015-04-09 10:49 - 2015-04-09 10:52 - 00039697 _____ () C:\Users\VB\Downloads\FRST.txt 2015-04-09 10:47 - 2015-04-15 12:37 - 00000000 ____D () C:\FRST 2015-04-09 10:46 - 2015-04-09 10:46 - 01135104 _____ (Farbar) C:\Users\VB\Downloads\FRST.exe 2015-04-09 10:45 - 2015-04-09 10:46 - 00000466 _____ () C:\Users\VB\Downloads\defogger_disable.log 2015-04-09 10:45 - 2015-04-09 10:45 - 00000000 _____ () C:\Users\VB\defogger_reenable 2015-04-09 10:43 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Downloads\Defogger.exe 2015-04-08 17:15 - 2015-04-08 17:15 - 00000818 _____ () 
C:\Users\VB\Desktop\JRT.txt 2015-04-08 17:02 - 2015-04-08 17:02 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THINKPAD_X61-Windows-7-Ultimate-(32-bit).dat 2015-04-08 17:02 - 2015-04-08 17:02 - 00000000 ____D () C:\RegBackup 2015-04-08 17:01 - 2015-04-07 17:36 - 02686959 _____ (Thisisu) C:\Users\VB\Desktop\JRT_NEW.exe 2015-04-08 15:33 - 2015-04-08 15:34 - 05344528 _____ (Piriform Ltd) C:\Users\VB\Downloads\ccsetup504.exe 2015-03-25 11:23 - 2015-03-25 11:23 - 00224736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys 2015-03-20 13:11 - 2015-03-20 13:11 - 00817286 _____ () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner.zip 2015-03-20 13:11 - 2015-03-20 13:11 - 00000000 ____D () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner 2015-03-20 08:44 - 2015-03-20 08:44 - 16342352 _____ (Geek Software GmbH ) C:\Users\VB\Downloads\pdf24-creator-6.9.2.exe 2015-03-20 08:28 - 2015-03-20 08:29 - 00000000 ____D () C:\Users\VB\Desktop\Tor Browser 2015-03-20 08:17 - 2015-03-20 08:17 - 00000000 ____D () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run 2015-03-20 07:59 - 2015-03-20 07:59 - 00000000 ____D () C:\Users\VB\AppData\Local\MetaGeek,_LLC 2015-03-20 07:57 - 2015-03-20 07:57 - 00002477 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk 2015-03-20 07:57 - 2015-03-20 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek 2015-03-20 07:57 - 2015-03-20 07:57 - 00000000 ____D () C:\Program Files\MetaGeek 2015-03-20 07:55 - 2015-03-20 07:55 - 04767744 _____ () C:\Users\VB\Downloads\inSSIDer31-installer.msi 2015-03-20 07:54 - 2015-03-20 07:54 - 00211231 _____ () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run.zip 2015-03-20 07:50 - 2015-03-20 07:51 - 34670726 _____ () C:\Users\VB\Downloads\torbrowser-install-4.0.4_de.exe 2015-03-20 07:48 - 2015-03-20 07:48 - 01319328 _____ (File Repair ) C:\Users\VB\Downloads\file-repair-setup.exe 2015-03-20 07:45 - 2015-03-20 07:45 - 04954736 _____ (Microsoft Corporation) 
C:\Users\VB\Downloads\WindowsSetupBox.exe 2015-03-20 07:29 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Downloads\OTL.exe 2015-03-20 07:22 - 2015-03-20 07:23 - 00000565 _____ () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website 2015-03-20 00:36 - 2015-03-20 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-03-20 00:34 - 2015-03-20 00:36 - 00000000 ____D () C:\Program Files\QuickTime 2015-03-19 23:10 - 2015-03-19 23:10 - 05490752 _____ (Secunia) C:\Users\VB\Downloads\PSISetup10004.exe 2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Users\VB\AppData\Local\Secunia PSI 2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Program Files\Secunia ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-15 12:21 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-15 12:21 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-15 12:20 - 2013-07-22 23:59 - 00000000 ___RD () C:\Dropbox 2015-04-15 12:20 - 2013-07-22 14:18 - 01817320 _____ () C:\Windows\WindowsUpdate.log 2015-04-15 12:17 - 2013-07-23 07:31 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Dropbox 2015-04-15 12:15 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-15 12:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2015-04-15 12:07 - 2015-01-23 18:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-15 11:33 - 2014-09-12 19:29 - 00000000 ____D () C:\Program Files\DVAG Online-System 2015-04-15 10:10 - 2013-07-23 07:33 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-04-15 10:03 - 2015-01-19 16:53 - 00000000 ____D () 
C:\ProgramData\MFAData 2015-04-14 14:37 - 2014-04-14 12:37 - 00000000 ____D () C:\Program Files\StarMoney 9.0 2015-04-09 13:12 - 2014-12-16 16:37 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2015-04-09 12:48 - 2010-02-09 21:56 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-09 10:45 - 2013-07-22 14:31 - 00000000 ____D () C:\Users\VB 2015-04-09 10:28 - 2015-01-19 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-04-09 10:24 - 2013-07-22 21:37 - 00001554 _____ () C:\Users\VB\Desktop\A U S.lnk 2015-04-08 15:34 - 2013-07-22 20:19 - 00000974 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-08 15:34 - 2013-07-22 20:19 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-08 14:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-04-08 11:43 - 2013-07-22 22:14 - 00000000 ____D () C:\ProgramData\Lenovo 2015-04-08 11:42 - 2013-07-22 20:24 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2015-04-08 11:41 - 2013-07-22 20:22 - 00000000 ____D () C:\Program Files\Lenovo 2015-04-08 11:18 - 2015-03-10 22:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-20 00:27 - 2013-07-22 20:02 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-03-20 00:27 - 2013-07-22 20:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-03-19 23:06 - 2014-08-15 10:27 - 00000000 ____D () C:\Windows\rescache 2015-03-19 22:26 - 2014-08-20 13:59 - 00000000 ____D () C:\Users\VB\AppData\Local\Adobe ==================== Files in the root of some directories ======= 2013-08-19 07:44 - 2013-09-24 08:46 - 0007596 _____ () C:\Users\VB\AppData\Local\resmon.resmoncfg 2013-07-22 15:39 - 2013-07-22 15:39 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\VB\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzqsgei.dll 
==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 10:32

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-04-2015 Ran by VB at 2015-04-15 12:38:26 Running from C:\Users\VB\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - ) Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies) AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.) Canon MX920 series Benutzerregistrierung (HKLM\...\Canon MX920 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon MX920 series On-screen Manual (HKLM\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP) DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery) DesignPro 5 (Version: 5.5.708 - Avery) Hidden DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Dropbox (HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) 
Elevated Installer (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - ) FixFoto 3.30 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software) Freizeitkarte_ALPS (Ausgabe 13.09) (HKLM\...\Freizeitkarte_ALPS) (Version: - ) Freizeitkarte_AUT+ (Ausgabe 13.09) (HKLM\...\Freizeitkarte_AUT+) (Version: - ) Freizeitkarte_BEL (Ausgabe 13.09) (HKLM\...\Freizeitkarte_BEL) (Version: - ) Freizeitkarte_BEL_NLD_LUX (Ausgabe 13.09) (HKLM\...\Freizeitkarte_BEL_NLD_LUX) (Version: - ) Freizeitkarte_CHE+ (Ausgabe 13.09) (HKLM\...\Freizeitkarte_CHE+) (Version: - ) Freizeitkarte_DEU+ (Ausgabe 13.09) (HKLM\...\Freizeitkarte_DEU+) (Version: - ) Freizeitkarte_FRA (Ausgabe 13.09) (HKLM\...\Freizeitkarte_FRA) (Version: - ) Freizeitkarte_ITA (Ausgabe 13.09) (HKLM\...\Freizeitkarte_ITA) (Version: - ) Garmin BaseCamp (HKLM\...\{7C69F731-6471-48FE-899B-1C40F80042C7}) (Version: 4.4.2 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2015.20 (HKLM\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Garmin Express (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin MapInstall (HKLM\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin VIRB Edit (HKLM\...\{0CCE02C9-1020-46D8-AD46-B138CC379958}) (Version: 2.6.2 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.) 
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) inSSIDer Home (HKLM\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation) Keyman Package - GreekClassical (HKLM\...\Keyman Package GreekClassical) (Version: - ) klickTel OEM Herbst 2012 (HKLM\...\{3BE928ED-DFAD-4AE2-9EE2-FD635612866B}) (Version: 1.00.0000 - telegate MEDIA AG) Lenovo Patch Utility (HKLM\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0034 - Lenovo) Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) PrintKey2000 (HKLM\...\PrintKey2000) (Version: - ) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) 
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0027.00 - Lenovo Group Limited) Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software) SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices) StarMoney (Version: 4.0.4.16 - StarFinanz) Hidden StarMoney 9.0 (HKLM\...\{6D06E570-8F56-4589-A65E-3112F512BDEB}) (Version: 9.0 - Star Finanz GmbH) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tavultesoft Keyman 6.0 (HKLM\...\Tavultesoft Keyman 6.0) (Version: - ) TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo) Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) 
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinMerge 2.14.0 (HKLM\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 13-04-2015 14:00:33 Windows-Sicherung 15-04-2015 11:34:14 Removed iTunes 15-04-2015 11:36:37 Removed Partition Manager 8.5 Enterprise Server Edition ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04A7767C-E899-4979-8EE3-39EDF9CB4571} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.) 
Task: {201E8AF9-2AD0-4859-8E50-F611D3EE13EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) Task: {20286C40-4533-459D-9650-54C07AA3A217} - System32\Tasks\{91BA3ACA-2F9F-4EAE-B402-FB6655F89350} => C:\WU Temp\PrintKey 2000 - CHIP-Downloader.exe Task: {2DE01F74-A019-42C7-A9C4-102716371E29} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe Task: {3A77DB6C-F1DA-4C60-ACBB-EC984ADD2F9D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {3B956D18-B55B-417F-B750-066DB71DB5D5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {3C5E6E2A-BD9B-428E-9210-3A93A4545C8D} - System32\Tasks\{3174844E-54BA-4883-BB4B-84BD8635F16D} => pcalua.exe -a D:\lenovo\BIOS.exe -d D:\lenovo Task: {4C3B278D-EE21-44D3-87E2-D780748A438E} - System32\Tasks\{4B19F265-141B-46B6-B51B-76EF73F5728A} => pcalua.exe -a "C:\WU Temp\7mwc03ww.exe" -d "C:\WU Temp" Task: {67CA7FC8-A5EA-4D60-B527-3C65001E12A9} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe Task: {6E281B41-559C-4FDA-BF78-5808A6E98E03} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {77ABAFC9-CDAC-4A57-B2AB-EEB6480E3807} - System32\Tasks\{CCBD5CED-D3B8-4151-9500-B06BC0797129} => pcalua.exe -a D:\lenovo\tvtvrnr43_1027fi.exe -d D:\lenovo Task: {789908AD-55B6-44C2-94A3-EFE3892EDA4B} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] () Task: {9994D70A-3A18-4C80-91F3-4C8A03DECBC8} - System32\Tasks\{CBB3FBC8-5D31-4494-9FAF-E56405B8BFA8} => pcalua.exe -a "C:\Program Files\DVAG Online-System\smartclient\smartclient.exe" -d "C:\Program Files\DVAG Online-System\smartclient\" -c -profile de Task: {9F327FD7-3B81-4AB8-9D17-C8B5AD15BD0E} - 
System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {A07E1EA2-06F5-493E-A54B-F607559F3550} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe Task: {A2BFC3BB-5494-48C2-8D98-81BC92581156} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {A9EB6D1C-0CAA-48FD-B7B2-A76C56D34A0A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {B2DC7E45-988B-4CF6-90EC-F931C5588201} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.) Task: {BC97B9D5-3E03-48B2-9F7F-8DD0DAD6E3FB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {C448DBEB-535E-4C4B-A408-4CEA79FA0BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {E3BB47B1-C439-444F-9E3E-158E88E71223} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2015-03-27] () Task: {EE7E91B5-94C1-435B-A107-28B71BA53269} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-20] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-07-23 07:41 - 2013-06-06 08:24 - 00019448 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-16 17:07 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2014-08-06 10:07 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0\ouservice\PATCHW32.dll
2013-08-03 00:47 - 2010-04-27 16:57 - 00247152 _____ () C:\Program Files\Join Air\AssistantServices.exe
2013-08-03 00:47 - 2010-04-27 17:06 - 00138072 _____ () C:\Program Files\Join Air\UIExec.exe
2013-07-22 22:13 - 2013-06-26 06:55 - 00095232 _____ () C:\Program Files\ThinkPad\Utilities\GR\PWMRT32V.DLL
2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
2015-04-15 12:16 - 2015-04-15 12:16 - 00043008 _____ () c:\users\vb\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzqsgei.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^VB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: Launch Backup Service Once => C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe -start
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1530652611-3691238261-3748657044-500 - Administrator - Disabled)
Gast (S-1-5-21-1530652611-3691238261-3748657044-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1530652611-3691238261-3748657044-1002 - Limited - Enabled)
Scanner (S-1-5-21-1530652611-3691238261-3748657044-1003 - Limited - Enabled)
VB (S-1-5-21-1530652611-3691238261-3748657044-1001 - Administrator - Enabled) => C:\Users\VB

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

System errors:
=============
Error: (04/15/2015 00:16:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Microsoft Office Sessions:
=========================
Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900

Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900

Error: (04/15/2015 00:15:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900

CodeIntegrity Errors:
===================================
Date: 2015-04-15 12:16:38.178
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 12:16:27.438
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 12:14:18.221
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 11:43:30.070
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 11:43:06.973
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 11:41:04.170
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 10:03:20.325
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 09:58:45.576
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-15 09:58:43.541
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-14 14:36:02.614
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 3062.3 MB
Available physical RAM: 1602.23 MB
Total Pagefile: 6122.89 MB
Available Pagefile: 4381.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.75 MB

==================== Drives ================================

Drive c: (Bobby) (Fixed) (Total:172.78 GB) (Free:43.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:292.97 GB) (Free:126.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1678649D)
Partition 1: (Active) - (Size=172.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-15 13:16:16
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500420AS rev.0002SDM1 465,76GB
Running: Gmer-19357(1).exe; Driver: C:\Users\VB\AppData\Local\Temp\uwdyakob.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0x912016E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0x91201800]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0x91201010]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenThread [0x912014D0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0x91201300]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0x912013E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0x91201120]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0x91201210]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0x912015E0]

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRequestWaitReplyPort + 1495 830509E5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8308A312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1357 830917DC 2 Bytes [E0, 16] {LOOPNZ 0x18}
.text ntkrnlpa.exe!KeRemoveQueueEx + 135A 830917DF 3 Bytes [91, 00, 18] {XCHG ECX, EAX; ADD [EAX], BL}
.text ntkrnlpa.exe!KeRemoveQueueEx + 135E 830917E3 1 Byte [91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 139F 83091824 4 Bytes [10, 10, 20, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 13BF 83091844 4 Bytes [D0, 14, 20, 91] {RCL BYTE [EAX], 0x1; XCHG ECX, EAX}
.text ...

---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\SearchIndexer.exe[1680] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[1680] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[1680] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\Dwm.exe[2528] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\Dwm.exe[2528] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\Dwm.exe[2528] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[2560] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[2560] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[2560] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\Explorer.EXE[2580] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\Explorer.EXE[2580] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\Explorer.EXE[2580] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe[2604] ntdll.dll!NtMapViewOfSection 
778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe[2604] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe[2604] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[2876] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[2876] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[2876] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe[2940] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe[2940] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe[2940] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe[2948] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe[2948] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe[2948] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\Zoom\TpScrex.exe[3072] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program 
Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\Zoom\TpScrex.exe[3072] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Lenovo\Zoom\TpScrex.exe[3072] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\shtctky.exe[3080] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\shtctky.exe[3080] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\LENOVO\HOTKEY\shtctky.exe[3080] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\svchost.exe[3396] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\svchost.exe[3396] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Windows\system32\svchost.exe[3396] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE[3524] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE[3524] ntdll.dll!NtWriteVirtualMemory 778F6AD8 5 Bytes JMP 67FF1120 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE[3524] kernel32.dll!CreateProcessInternalW 74E60852 5 Bytes JMP 67FF1260 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3572] ntdll.dll!NtMapViewOfSection 778F5C68 5 Bytes JMP 67FF1460 C:\Program Files\AVG\AVG2015\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3572] 
15.04.2015, 13:31 | #2 |
/// the machine /// TB-Ausbilder | Hi,
Reset the router to factory settings and re-enter the connection data. Then fully reset all browsers once on all machines. |
16.04.2015, 11:19 | #3 |
| Thanks for the tip. Unfortunately it did not work. ptp24 dot com opens again.
Or did I do something wrong? I re-imported the backup file from the FritzBox. That was probably nonsense. |
16.04.2015, 18:26 | #4 |
/// the machine /// TB-Ausbilder | When I write reset to factory settings, that does not mean restoring a backup.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
16.04.2015, 18:55 | #5 |
| Yep, understood. I promise to do better! |
17.04.2015, 06:17 | #6 |
/// the machine /// TB-Ausbilder | OK, do that, then update the firmware on the router and the browsers on all machines. If more than one machine on the same network has identical problems, it is 99% the router, 1% the same infection on several devices by coincidence. |
17.04.2015, 13:06 | #7 |
| Hi schrauber, on this system (W7 32bit) two tabs with PTP24 are opening again right now in Firefox 37.0.1. On the W7 64bit system, 16 tabs with PTP24 opened in Chrome between 9:00 and 13:30. Firefox Developer Edition was spared. Both browsers were open. And I have reset all browsers and installed the latest versions. Same with the router. Entered everything by hand and checked for the latest update. It was already installed, though. What did I do wrong this time? At a loss..... |
18.04.2015, 07:52 | #8 |
/// the machine /// TB-Ausbilder | Then please post the following logs from both machines. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
How it works: posting in CODE tags. Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows: |
18.04.2015, 12:12 | #9 |
| Gladly. Here is the W7 64bit FRST logfile: Code:
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-18 12:55 - 2015-04-18 12:55 - 00000000 ____D () C:\Users\NN\Desktop\FRST-OlderVersion 2015-04-17 16:23 - 2015-04-17 16:23 - 00000000 ____D () C:\Program Files\Firefox Developer Edition 2015-04-16 22:43 - 2015-04-16 22:43 - 00264846 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_16.04.15_2243.export 2015-04-16 21:19 - 2015-04-16 21:19 - 00012231 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_16.04.15_2119.xml 2015-04-16 21:19 - 2015-04-16 21:19 - 00010251 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_Volkers Telephonbuch_16.04.15_2119.xml 2015-04-16 21:18 - 2015-04-16 21:18 - 00609001 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_16.04.15_2118.export 2015-04-16 21:07 - 2015-04-16 21:07 - 00000630 _____ () C:\Windows\PFRO.log 2015-04-16 20:22 - 2015-04-16 20:22 - 01203488 _____ () C:\Users\NN\Downloads\Firefox 39 Developer Edition 64 Bit - CHIP-Installer.exe 2015-04-16 20:22 - 2015-04-16 20:22 - 00002069 _____ () C:\Users\NN\Desktop\Firefox 39 Developer Edition (64 Bit) - CHIP Downloader.lnk 2015-04-16 12:40 - 2015-04-16 12:40 - 00001268 _____ () C:\Users\NN\Desktop\Revo Uninstaller.lnk 2015-04-16 12:40 - 2015-04-16 12:40 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-04-16 12:39 - 2015-04-16 12:39 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\NN\Downloads\revosetup.exe 2015-04-15 16:00 - 2015-04-15 16:01 - 00607936 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_15.04.15_1600.export 2015-04-15 15:05 - 2015-04-15 15:05 - 00011961 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_15.04.15_1505.xml 2015-04-15 15:05 - 2015-04-15 15:05 - 00010230 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_Volkers Telephonbuch_15.04.15_1505.xml 2015-04-15 15:00 - 2015-04-15 15:00 - 00610272 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_15.04.15_1500.export 2015-04-15 14:01 - 2015-04-15 14:01 - 00000618 _____ () C:\Users\NN\Desktop\JRT.txt 2015-04-15 13:57 - 2015-04-15 13:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-I3-Windows-7-Ultimate-(64-bit).dat 2015-04-15 13:57 - 2015-04-15 13:57 - 00000000 ____D () C:\RegBackup 2015-04-15 13:49 - 2015-04-15 13:49 - 02347384 _____ (ESET) C:\Users\NN\Desktop\esetsmartinstaller_deu.exe 2015-04-15 13:48 - 2015-04-15 13:48 - 02687136 _____ (Thisisu) C:\Users\NN\Desktop\JRT.exe 2015-04-15 13:30 - 2015-04-15 13:30 - 00001206 _____ () C:\Users\NN\Desktop\Malwarescan.txt 2015-04-15 12:54 - 2015-04-15 12:54 - 00031777 _____ () C:\Users\NN\Desktop\Addition.txt 2015-04-15 12:53 - 2015-04-18 12:55 - 00013531 _____ () C:\Users\NN\Desktop\FRST.txt 2015-04-15 12:52 - 2015-04-15 12:52 - 00000466 _____ () C:\Users\NN\Desktop\defogger_disable.log 2015-04-09 18:41 - 2015-04-09 18:41 - 00000000 ____D () C:\Users\NN\Downloads\Install_Power_Commander_5_v1.0.6.4 2015-04-09 18:38 - 2015-04-09 18:38 - 00000000 ____D () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu 2015-04-09 18:33 - 2015-04-09 18:33 - 00224219 _____ () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu.zip 2015-04-09 18:24 - 2015-04-09 18:24 - 00122182 _____ (Dynojet Research, Inc.) C:\Users\NN\Downloads\M12-001-all.exe 2015-04-09 15:27 - 2015-04-09 15:27 - 00097637 _____ (Oleg N. 
Scherbakov) C:\Users\NN\Downloads\m12-002-All(1).exe 2015-04-09 14:54 - 2015-04-18 12:40 - 00001176 _____ () C:\Windows\setupact.log 2015-04-09 14:54 - 2015-04-09 14:54 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-09 14:50 - 2015-04-09 18:42 - 00001032 _____ () C:\Users\Public\Desktop\Power Commander 5.lnk 2015-04-09 14:50 - 2015-04-09 18:42 - 00000000 ____D () C:\Program Files (x86)\Power Commander 5 2015-04-09 12:07 - 2015-04-18 12:55 - 02098176 _____ (Farbar) C:\Users\NN\Desktop\FRST64.exe 2015-04-09 12:07 - 2015-04-09 12:06 - 00380416 _____ () C:\Users\NN\Desktop\Gmer-19357.exe 2015-04-09 12:07 - 2015-04-09 11:25 - 00050477 _____ () C:\Users\NN\Desktop\Defogger.exe 2015-04-09 12:07 - 2015-04-09 11:21 - 02217984 _____ () C:\Users\NN\Desktop\adwcleaner_4.201.exe 2015-04-09 12:06 - 2015-04-09 12:06 - 00380416 _____ () C:\Users\NN\Downloads\Gmer-19357.exe 2015-04-09 11:26 - 2015-04-09 11:26 - 00000466 _____ () C:\Users\NN\Downloads\defogger_disable.log 2015-04-09 11:25 - 2015-04-09 11:26 - 00028764 _____ () C:\Users\NN\Downloads\Addition.txt 2015-04-09 11:25 - 2015-04-09 11:26 - 00023700 _____ () C:\Users\NN\Downloads\FRST.txt 2015-04-09 11:25 - 2015-04-09 11:25 - 02095616 _____ (Farbar) C:\Users\NN\Downloads\FRST64.exe 2015-04-09 11:25 - 2015-04-09 11:25 - 00050477 _____ () C:\Users\NN\Downloads\Defogger.exe 2015-04-08 12:06 - 2015-04-08 12:06 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-04-08 11:41 - 2015-04-08 11:41 - 00000000 ____D () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu(1) 2015-03-27 18:29 - 2015-03-27 18:29 - 00224219 _____ () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu(1).zip 2015-03-27 18:21 - 2015-04-09 18:42 - 00000000 ____D () C:\Users\NN\Documents\Power Commander 5 2015-03-27 18:20 - 2015-03-27 18:20 - 00097637 _____ (Oleg N. 
Scherbakov) C:\Users\NN\Downloads\m12-002-All.exe 2015-03-27 17:59 - 2015-04-09 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Commander 5 2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2015-03-19 22:43 - 2015-03-19 22:43 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk 2015-03-19 19:52 - 2015-04-08 11:10 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-03-19 19:33 - 2015-03-19 19:37 - 182341048 _____ (AVG Technologies) C:\Users\NN\Downloads\avg_free_x645856_all_2015_ltst_221.exe 2015-03-19 18:36 - 2015-03-19 18:36 - 00000000 ____D () C:\Users\NN\AppData\Local\CrashRpt 2015-03-19 18:36 - 2015-03-19 18:36 - 00000000 ____D () C:\ProgramData\AVG 2015-03-19 18:33 - 2015-04-18 12:44 - 00117679 _____ () C:\Windows\WindowsUpdate.log 2015-03-19 18:14 - 2015-03-19 22:39 - 00000383 _____ () C:\DelFix.txt 2015-03-19 18:14 - 2015-03-19 18:14 - 00000000 ____D () C:\Windows\ERUNT 2015-03-19 18:04 - 2015-03-27 18:50 - 00000000 ____D () C:\Windows\Minidump 2015-03-19 17:58 - 2015-03-19 17:58 - 00000000 ____D () C:\rsit 2015-03-19 17:58 - 2015-03-19 17:58 - 00000000 ____D () C:\Program Files (x86)\trend micro 2015-03-19 17:50 - 2015-04-18 12:55 - 00000000 ____D () C:\FRST 2015-03-19 17:46 - 2015-04-08 17:04 - 00000000 ____D () C:\Malware ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-18 12:51 - 2015-01-28 19:45 - 00000000 ____D () C:\Program Files (x86)\DVAG Online-System 2015-04-18 12:48 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-18 12:48 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-18 12:46 - 2015-01-16 14:52 - 00003894 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1404E68D-D479-427F-85CC-B75727716C99} 2015-04-18 12:45 - 2015-01-15 18:14 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-18 12:43 - 2015-02-09 14:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-18 12:43 - 2015-01-15 18:44 - 00000000 ___RD () C:\Users\NN\Dropbox 2015-04-18 12:41 - 2015-01-15 18:39 - 00000000 ____D () C:\Users\NN\AppData\Roaming\Dropbox 2015-04-18 12:40 - 2015-01-30 12:26 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job 2015-04-18 12:40 - 2015-01-16 15:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-18 12:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-17 14:56 - 2015-01-14 20:47 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-17 14:55 - 2015-01-14 20:47 - 00000000 ____D () C:\Users\NN\AppData\Local\Google 2015-04-17 08:05 - 2015-02-25 10:12 - 00000000 ____D () C:\Users\NN\Desktop\Alte Firefox-Daten 2015-04-16 22:36 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-04-16 19:58 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2015-04-15 13:27 - 2015-02-23 14:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-15 13:07 - 2015-02-23 15:29 - 00000000 ____D () C:\AdwCleaner 2015-04-15 11:43 - 2015-02-09 14:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 11:43 - 2015-02-09 14:50 - 00142512 _____ (Adobe Systems 
Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-15 11:43 - 2015-02-09 14:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 09:53 - 2015-01-15 18:41 - 00000000 ____D () C:\Users\NN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-04-09 10:24 - 2009-07-14 19:58 - 00821220 _____ () C:\Windows\system32\perfh007.dat 2015-04-09 10:24 - 2009-07-14 19:58 - 00190336 _____ () C:\Windows\system32\perfc007.dat 2015-04-09 10:24 - 2009-07-14 07:13 - 01921648 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-08 17:09 - 2015-01-15 16:45 - 00001346 _____ () C:\Users\NN\Desktop\AUS.lnk 2015-04-08 13:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-08 12:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2015-04-08 11:24 - 2015-02-24 16:22 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-08 11:24 - 2015-02-24 16:22 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-08 11:10 - 2015-02-03 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-03-27 18:37 - 2015-01-14 20:04 - 00000000 ____D () C:\Users\NN\AppData\Local\VirtualStore 2015-03-19 20:16 - 2015-01-28 19:48 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2015-03-19 20:15 - 2015-02-23 22:18 - 00000000 ____D () C:\Program Files (x86)\7a0a8602-d927-415e-a813-0db6c69aa6a4 2015-03-19 18:40 - 2015-01-16 16:28 - 00000000 ____D () C:\Users\NN\AppData\Local\Adobe 2015-03-19 18:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-19 18:04 - 2009-07-14 07:08 - 00032570 _____ () C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ======= 2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\NN\AppData\Roaming\UZKBXKDL 2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Users\NN\AppData\Roaming\ZXW 2015-02-20 19:29 - 2015-02-20 19:29 - 0007605 _____ () 
C:\Users\NN\AppData\Local\Resmon.ResmonCfg
2015-01-14 20:29 - 2015-01-14 20:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\NN\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681tp3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 11:19

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015 01 Ran by NN at 2015-04-18 12:56:58 Running from C:\Users\NN\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies) AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery) DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Dropbox (HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) 
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Firefox Developer Edition 39.0a2 (x64 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x64 de)) (Version: 39.0a2 - Mozilla) FixFoto 3.50 X64 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software) FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin) Garmin BaseCamp (HKLM-x32\...\{31A67F6C-D79D-47B9-9F0B-13C0FCF3C3A8}) (Version: 4.4.6 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2015.20 (HKLM-x32\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden Garmin MapInstall (HKLM-x32\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin VIRB Edit (HKLM-x32\...\{7FE515DE-36C8-4948-9786-496CE891BBFB}) (Version: 2.9.1 - Garmin Ltd or its subsidiaries) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a2 - Mozilla) PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - ) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) TL-WN821N-Drahtlos-Tool (HKLM-x32\...\{E74A1D67-FFFE-4A15-9287-50B3C0465454}) (Version: 7.0 - TP-LINK) Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) 
version 1.0.3.1 (HKLM-x32\...\{021AC692-8CAC-43B3-8A10-EC6DEC3F9333}_is1) (Version: - Dynojet Research Inc.) version 1.0.6.4 (HKLM-x32\...\{A877D2BD-19D7-443E-95FD-DA0A8ECB88FA}_is1) (Version: - Dynojet Research Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================
08-04-2015 13:44:20 Geplanter Prüfpunkt
16-04-2015 13:33:41 Geplanter Prüfpunkt
17-04-2015 14:53:50 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-07 23:13 - 2014-09-07 23:13 - 00000888 ____A C:\Windows\system32\Drivers\etc\hosts
109.120.169.64 albert.apple.com.
109.120.169.64 gs.apple.com.
==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1E4C1969-E83E-475D-9671-7F042508DEAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {24B57C20-65D4-4EA2-A5BC-580FDDC64E69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {764F2688-666A-4D77-9BB6-3E0CF4D8B0D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) Task: {A7C59E88-7D75-4EC5-A3D2-FDF5D3748AF6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] () Task: {AB71F702-52C4-428B-A733-29AF031251EF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {B8D181FA-0C52-46C3-B915-A3D7313B7241} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe ==================== Loaded Modules (whitelisted) ============== 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-14 20:48 - 2013-05-07 09:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 
2015-04-15 11:43 - 2015-04-15 11:43 - 23071408 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll 2015-01-14 20:48 - 2015-04-18 12:40 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-01-14 20:48 - 2013-05-07 09:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-04-18 12:40 - 2015-04-18 12:40 - 00043008 _____ () c:\users\nn\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681tp3.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:A5B56640 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

==================== Accounts: =============================
Administrator (S-1-5-21-2645552766-4084710074-1429449726-500 - Administrator - Disabled)
Gast (S-1-5-21-2645552766-4084710074-1429449726-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2645552766-4084710074-1429449726-1002 - Limited - Enabled)
NN (S-1-5-21-2645552766-4084710074-1429449726-1000 - Administrator - Enabled) => C:\Users\NN

==================== Faulty Device Manager Devices =============
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================
Application errors:
==================
Error: (04/16/2015 10:21:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/16/2015 01:28:11 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/15/2015 03:23:53 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/15/2015 02:38:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/15/2015 02:02:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (04/18/2015 00:40:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (04/18/2015 00:40:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/18/2015 00:40:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht. 
Error: (04/17/2015 03:13:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (04/17/2015 03:13:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/17/2015 03:13:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. Error: (04/17/2015 03:12:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/17/2015 03:12:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht. 
Error: (04/17/2015 08:08:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (04/17/2015 08:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (04/16/2015 10:21:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe Error: (04/16/2015 01:28:11 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (04/15/2015 03:23:53 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe Error: (04/15/2015 02:38:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (04/15/2015 02:02:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Percentage of memory in use: 73% Total physical RAM: 3966.24 MB Available physical RAM: 1059.61 MB Total Pagefile: 7930.66 MB Available Pagefile: 3249.57 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.39 GB) (Free:59.41 GB) NTFS Drive d: () (Fixed) (Total:319.28 GB) 
(Free:319.14 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D4E5D4E5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================
I removed Chrome on both systems and reinstalled FF Developer on both. With that, the tabs no longer pop up either. They now only appear in IE and in FF 37.0.1. Here are the files from the W7 32bit system. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2015 01 Ran by VB (administrator) on THINKPAD_X61 on 18-04-2015 12:59:07 Running from C:\Users\VB\Desktop Loaded Profiles: VB (Available profiles: VB) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe () C:\Program Files\Join Air\AssistantServices.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files\Join Air\UIExec.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) 
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Fred's Software) C:\Program Files\PrintKey2000\Printkey2000.exe (Dropbox, Inc.) C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (telegate MEDIA AG) C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE (Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE (Mozilla Corporation) C:\Program Files\Firefox Developer Edition\firefox.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TrackPointSrv] => C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [95264 2011-11-01] (Lenovo Group Limited) HKLM\...\Run: [] => [X] HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [338216 2013-06-20] (Lenovo.) HKLM\...\Run: [UIExec] => C:\Program Files\Join Air\UIExec.exe [138072 2010-04-27] () HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.) 
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.) HKLM\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {09af47db-ac51-11e4-a974-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Vertriebsportal.exe HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {5d7880e2-f505-11e2-9c5b-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Vertriebsportal.exe HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {8f3eb0a2-b334-11e3-add6-001d729afb15} - Explorer.exe UserGuild.htm HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-18\...\RunOnce: [SPReview] => 
C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-23] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk ShortcutTarget: Printkey2000.lnk -> C:\Program Files\PrintKey2000\Printkey2000.exe (Fred's Software) Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\klickTel OEM Herbst 2012 - Schnellstarter.lnk ShortcutTarget: klickTel OEM Herbst 2012 - Schnellstarter.lnk -> C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe (telegate MEDIA AG) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\VB\AppData\Roaming\Mozilla\Firefox\Profiles\zwl4nuwt.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
Chrome: ======= CHR Profile: C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23] CHR Extension: (Google Docs) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23] CHR Extension: (Google Drive) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23] CHR Extension: (YouTube) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23] CHR Extension: (Google Search) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23] CHR Extension: (Google Sheets) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15] CHR Extension: (Google Wallet) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23] CHR Extension: (Gmail) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) 
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries) S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo Group Limited) S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664808 2013-06-26] (Lenovo Group Limited) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [49136 2015-03-27] () R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (Lenovo Group Limited) R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [247152 2010-04-27] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) 
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation) R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.) R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [24872 2011-11-01] (Lenovo Group Limited) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-18 12:57 - 2015-04-18 12:57 - 00000000 ____D () C:\Users\VB\Desktop\FRST-OlderVersion 2015-04-18 12:40 - 2015-04-18 12:40 - 00000326 _____ () C:\Windows\PFRO.log 2015-04-18 12:40 - 2015-04-18 12:40 - 00000056 _____ () C:\Windows\setupact.log 2015-04-18 12:40 - 2015-04-18 12:40 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-17 20:36 - 2015-04-17 20:36 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk 2015-04-17 20:36 - 2015-04-17 20:36 - 00001184 _____ () C:\Users\Public\Desktop\Firefox Developer Edition.lnk 2015-04-17 20:36 - 2015-04-17 20:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-17 20:36 - 2015-04-17 20:36 - 00000000 ____D () C:\Program Files\Firefox Developer Edition 2015-04-17 18:38 - 2015-04-17 18:38 - 00001321 _____ () C:\Users\VB\Desktop\JRT.txt 2015-04-17 17:18 - 2015-04-17 17:18 - 40510536 _____ () C:\Users\VB\Downloads\firefox-39.0a2.de.win32.installer.exe 2015-04-17 15:47 - 2015-04-17 15:47 - 40676944 _____ () C:\Users\VB\Downloads\Firefox Setup 37.0.1.exe 2015-04-17 14:18 - 2015-04-17 14:18 - 00001231 _____ () C:\Users\VB\Desktop\Revo Uninstaller.lnk 2015-04-17 14:18 - 2015-04-17 14:18 - 00000000 ____D () C:\Program Files\VS Revo Group 2015-04-17 14:17 - 2015-04-17 14:17 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\VB\Downloads\revosetup95.exe
2015-04-17 08:31 - 2015-04-17 08:56 - 393494439 _____ () C:\Users\VB\Downloads\DVAG_Online-System_Vers.7.4.0.exe
2015-04-15 15:10 - 2015-04-15 15:10 - 00001213 _____ () C:\Users\VB\Desktop\Malwarebytes.txt
2015-04-15 14:28 - 2015-04-15 14:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 14:27 - 2015-04-15 14:27 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-15 14:27 - 2015-04-15 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-04-15 14:27 - 2015-04-15 14:27 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-04-15 14:27 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-15 14:27 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-15 14:27 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-15 14:24 - 2015-04-15 14:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\VB\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-15 14:17 - 2015-04-18 12:56 - 00000466 _____ () C:\Users\VB\Desktop\defogger_disable.log
2015-04-15 13:34 - 2015-04-17 18:14 - 02686254 _____ (Thisisu) C:\Users\VB\Desktop\JRT.exe
2015-04-13 17:57 - 2015-04-13 17:57 - 00000000 ____D () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4
2015-04-13 17:55 - 2015-04-13 17:56 - 11938322 _____ () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4.zip
2015-04-13 17:49 - 2015-04-13 17:50 - 02347384 _____ (ESET) C:\Users\VB\Downloads\esetsmartinstaller_deu(1).exe
2015-04-09 11:56 - 2015-04-17 19:09 - 00033207 _____ () C:\Users\VB\Desktop\Addition.txt
2015-04-09 11:54 - 2015-04-18 12:59 - 00017643 _____ () C:\Users\VB\Desktop\FRST.txt
2015-04-09 11:50 - 2015-04-18 12:57 - 01137664 _____ (Farbar) C:\Users\VB\Desktop\FRST.exe
2015-04-09 11:50 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Desktop\Gmer-19357(1).exe
2015-04-09 11:50 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Desktop\Defogger.exe
2015-04-09 11:50 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Desktop\OTL.exe
2015-04-09 11:41 - 2015-04-15 13:16 - 00038895 _____ () C:\Users\VB\Desktop\gmer.log
2015-04-09 11:41 - 2015-04-09 11:54 - 00010610 _____ () C:\Users\VB\Desktop\gmer1.log
2015-04-09 10:57 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Downloads\Gmer-19357(1).exe
2015-04-09 10:50 - 2015-04-09 10:52 - 00026765 _____ () C:\Users\VB\Downloads\Addition.txt
2015-04-09 10:49 - 2015-04-09 10:52 - 00039697 _____ () C:\Users\VB\Downloads\FRST.txt
2015-04-09 10:47 - 2015-04-18 12:59 - 00000000 ____D () C:\FRST
2015-04-09 10:46 - 2015-04-09 10:46 - 01135104 _____ (Farbar) C:\Users\VB\Downloads\FRST.exe
2015-04-09 10:45 - 2015-04-09 10:46 - 00000466 _____ () C:\Users\VB\Downloads\defogger_disable.log
2015-04-09 10:45 - 2015-04-09 10:45 - 00000000 _____ () C:\Users\VB\defogger_reenable
2015-04-09 10:43 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Downloads\Defogger.exe
2015-04-08 17:02 - 2015-04-08 17:02 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THINKPAD_X61-Windows-7-Ultimate-(32-bit).dat
2015-04-08 17:02 - 2015-04-08 17:02 - 00000000 ____D () C:\RegBackup
2015-04-08 15:33 - 2015-04-08 15:34 - 05344528 _____ (Piriform Ltd) C:\Users\VB\Downloads\ccsetup504.exe
2015-03-25 11:23 - 2015-03-25 11:23 - 00224736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-03-20 13:11 - 2015-03-20 13:11 - 00817286 _____ () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner.zip
2015-03-20 13:11 - 2015-03-20 13:11 - 00000000 ____D () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner
2015-03-20 08:44 - 2015-03-20 08:44 - 16342352 _____ (Geek Software GmbH ) C:\Users\VB\Downloads\pdf24-creator-6.9.2.exe
2015-03-20 08:17 - 2015-03-20 08:17 - 00000000 ____D () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run
2015-03-20 07:59 - 2015-03-20 07:59 - 00000000 ____D () C:\Users\VB\AppData\Local\MetaGeek,_LLC
2015-03-20 07:55 - 2015-03-20 07:55 - 04767744 _____ () C:\Users\VB\Downloads\inSSIDer31-installer.msi
2015-03-20 07:54 - 2015-03-20 07:54 - 00211231 _____ () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run.zip
2015-03-20 07:50 - 2015-03-20 07:51 - 34670726 _____ () C:\Users\VB\Downloads\torbrowser-install-4.0.4_de.exe
2015-03-20 07:48 - 2015-03-20 07:48 - 01319328 _____ (File Repair ) C:\Users\VB\Downloads\file-repair-setup.exe
2015-03-20 07:45 - 2015-03-20 07:45 - 04954736 _____ (Microsoft Corporation) C:\Users\VB\Downloads\WindowsSetupBox.exe
2015-03-20 07:29 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Downloads\OTL.exe
2015-03-20 07:22 - 2015-03-20 07:23 - 00000565 _____ () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2015-03-20 00:36 - 2015-03-20 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-20 00:34 - 2015-03-20 00:36 - 00000000 ____D () C:\Program Files\QuickTime
2015-03-19 23:10 - 2015-03-19 23:10 - 05490752 _____ (Secunia) C:\Users\VB\Downloads\PSISetup10004.exe
2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Users\VB\AppData\Local\Secunia PSI
2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Program Files\Secunia

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 12:50 - 2013-07-22 21:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-18 12:47 - 2013-07-22 14:18 - 01868406 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 12:46 - 2015-01-19 16:53 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-18 12:46 - 2013-07-22 23:59 - 00000000 ___RD () C:\Dropbox
2015-04-18 12:46 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:46 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:42 - 2013-07-23 07:31 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Dropbox
2015-04-18 12:41 - 2014-04-14 12:37 - 00000000 ____D () C:\Program Files\StarMoney 9.0
2015-04-18 12:40 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 20:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-04-17 19:07 - 2015-01-23 18:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-17 08:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 20:10 - 2013-07-22 20:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-16 20:10 - 2013-07-22 20:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-15 10:10 - 2013-07-23 07:33 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 12:48 - 2010-02-09 21:56 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 10:45 - 2013-07-22 14:31 - 00000000 ____D () C:\Users\VB
2015-04-09 10:28 - 2015-01-19 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-09 10:24 - 2013-07-22 21:37 - 00001554 _____ () C:\Users\VB\Desktop\A U S.lnk
2015-04-08 15:34 - 2013-07-22 20:19 - 00000974 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-08 15:34 - 2013-07-22 20:19 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-08 14:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-08 11:43 - 2013-07-22 22:14 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-08 11:42 - 2013-07-22 20:24 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-04-08 11:41 - 2013-07-22 20:22 - 00000000 ____D () C:\Program Files\Lenovo
2015-03-19 23:06 - 2014-08-15 10:27 - 00000000 ____D () C:\Windows\rescache
2015-03-19 22:26 - 2014-08-20 13:59 - 00000000 ____D () C:\Users\VB\AppData\Local\Adobe

==================== Files in the root of some directories =======
2013-08-19 07:44 - 2013-09-24 08:46 - 0007596 _____ () C:\Users\VB\AppData\Local\resmon.resmoncfg
2013-07-22 15:39 - 2013-07-22 15:39 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\VB\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_vist6.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 10:32

==================== End Of Log ============================
--- --- ---
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-04-2015 01
Ran by VB at 2015-04-18 13:00:41
Running from C:\Users\VB\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM\...\Canon MX920 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (Version: 5.5.708 - Avery) Hidden
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Elevated Installer (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - )
Firefox Developer Edition 39.0a2 (x86 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x86 de)) (Version: 39.0a2 - Mozilla)
FixFoto 3.30 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Garmin BaseCamp (HKLM\...\{7C69F731-6471-48FE-899B-1C40F80042C7}) (Version: 4.4.2 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2015.20 (HKLM\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapInstall (HKLM\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin VIRB Edit (HKLM\...\{0CCE02C9-1020-46D8-AD46-B138CC379958}) (Version: 2.6.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
Keyman Package - GreekClassical (HKLM\...\Keyman Package GreekClassical) (Version: - )
klickTel OEM Herbst 2012 (HKLM\...\{3BE928ED-DFAD-4AE2-9EE2-FD635612866B}) (Version: 1.00.0000 - telegate MEDIA AG)
Lenovo Patch Utility (HKLM\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0034 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0a2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PrintKey2000 (HKLM\...\PrintKey2000) (Version: - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0027.00 - Lenovo Group Limited)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
StarMoney (Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney 9.0 (HKLM\...\{6D06E570-8F56-4589-A65E-3112F512BDEB}) (Version: 9.0 - Star Finanz GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tavultesoft Keyman 6.0 (HKLM\...\Tavultesoft Keyman 6.0) (Version: - )
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points =========================
17-04-2015 14:41:09 Revo Uninstaller's restore point - Freizeitkarte_ALPS (Ausgabe 13.09)
17-04-2015 14:44:05 Revo Uninstaller's restore point - Freizeitkarte_FRA (Ausgabe 13.09)
17-04-2015 14:46:23 Revo Uninstaller's restore point - Freizeitkarte_CHE+ (Ausgabe 13.09)
17-04-2015 14:49:35 Revo Uninstaller's restore point - Freizeitkarte_AUT+ (Ausgabe 13.09)
17-04-2015 14:52:34 Revo Uninstaller's restore point - Freizeitkarte_BEL (Ausgabe 13.09)
17-04-2015 14:54:27 Revo Uninstaller's restore point - Freizeitkarte_ITA (Ausgabe 13.09)
17-04-2015 14:56:17 Revo Uninstaller's restore point - Freizeitkarte_BEL_NLD_LUX (Ausgabe 13.09)
17-04-2015 15:00:03 Revo Uninstaller's restore point - Freizeitkarte_DEU+ (Ausgabe 13.09)
17-04-2015 15:11:54 Revo Uninstaller's restore point - WinMerge 2.14.0
17-04-2015 17:20:00 Revo Uninstaller's restore point - Mozilla Firefox 37.0.1 (x86 de)
17-04-2015 18:23:41 Revo Uninstaller's restore point - Mozilla Maintenance Service
17-04-2015 20:21:55 Revo Uninstaller's restore point - inSSIDer Home
17-04-2015 20:22:33 Removed inSSIDer Home
18-04-2015 12:48:15 Revo Uninstaller's restore point - DVAG Online-System

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04A7767C-E899-4979-8EE3-39EDF9CB4571} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {201E8AF9-2AD0-4859-8E50-F611D3EE13EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {20286C40-4533-459D-9650-54C07AA3A217} - System32\Tasks\{91BA3ACA-2F9F-4EAE-B402-FB6655F89350} => C:\WU Temp\PrintKey 2000 - CHIP-Downloader.exe
Task: {2DE01F74-A019-42C7-A9C4-102716371E29} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {3A77DB6C-F1DA-4C60-ACBB-EC984ADD2F9D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3B956D18-B55B-417F-B750-066DB71DB5D5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3C5E6E2A-BD9B-428E-9210-3A93A4545C8D} - System32\Tasks\{3174844E-54BA-4883-BB4B-84BD8635F16D} => pcalua.exe -a D:\lenovo\BIOS.exe -d D:\lenovo
Task: {4C3B278D-EE21-44D3-87E2-D780748A438E} - System32\Tasks\{4B19F265-141B-46B6-B51B-76EF73F5728A} => pcalua.exe -a "C:\WU Temp\7mwc03ww.exe" -d "C:\WU Temp"
Task: {67CA7FC8-A5EA-4D60-B527-3C65001E12A9} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {6E281B41-559C-4FDA-BF78-5808A6E98E03} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {77ABAFC9-CDAC-4A57-B2AB-EEB6480E3807} - System32\Tasks\{CCBD5CED-D3B8-4151-9500-B06BC0797129} => pcalua.exe -a D:\lenovo\tvtvrnr43_1027fi.exe -d D:\lenovo
Task: {789908AD-55B6-44C2-94A3-EFE3892EDA4B} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {9994D70A-3A18-4C80-91F3-4C8A03DECBC8} - System32\Tasks\{CBB3FBC8-5D31-4494-9FAF-E56405B8BFA8} => pcalua.exe -a "C:\Program Files\DVAG Online-System\smartclient\smartclient.exe" -d "C:\Program Files\DVAG Online-System\smartclient\" -c -profile de
Task: {9F327FD7-3B81-4AB8-9D17-C8B5AD15BD0E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A07E1EA2-06F5-493E-A54B-F607559F3550} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {A2BFC3BB-5494-48C2-8D98-81BC92581156} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A9EB6D1C-0CAA-48FD-B7B2-A76C56D34A0A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B2DC7E45-988B-4CF6-90EC-F931C5588201} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {BC97B9D5-3E03-48B2-9F7F-8DD0DAD6E3FB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C448DBEB-535E-4C4B-A408-4CEA79FA0BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E3BB47B1-C439-444F-9E3E-158E88E71223} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2015-03-27] ()
Task: {EE7E91B5-94C1-435B-A107-28B71BA53269} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============
2013-07-23 07:41 - 2013-06-06 08:24 - 00019448 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-06 10:07 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0\ouservice\PATCHW32.dll
2013-08-03 00:47 - 2010-04-27 16:57 - 00247152 _____ () C:\Program Files\Join Air\AssistantServices.exe
2013-08-03 00:47 - 2010-04-27 17:06 - 00138072 _____ () C:\Program Files\Join Air\UIExec.exe
2013-07-22 22:13 - 2013-06-26 06:55 - 00095232 _____ () C:\Program Files\ThinkPad\Utilities\GR\PWMRT32V.DLL
2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
2015-04-18 12:42 - 2015-04-18 12:42 - 00043008 _____ () c:\users\vb\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_vist6.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^VB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: Launch Backup Service Once => C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe -start
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe

==================== Accounts: =============================
Administrator (S-1-5-21-1530652611-3691238261-3748657044-500 - Administrator - Disabled)
Gast (S-1-5-21-1530652611-3691238261-3748657044-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1530652611-3691238261-3748657044-1002 - Limited - Enabled)
Scanner (S-1-5-21-1530652611-3691238261-3748657044-1003 - Limited - Enabled)
VB (S-1-5-21-1530652611-3691238261-3748657044-1001 - Administrator - Enabled) => C:\Users\VB

==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2015 00:48:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {7b7ce0e7-a3de-4d4a-a04e-31bf9e7bca79}

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

System errors:
=============
Error: (04/18/2015 00:41:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (04/17/2015 08:42:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll

Microsoft Office Sessions:
=========================
Error: (04/18/2015 00:48:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {7b7ce0e7-a3de-4d4a-a04e-31bf9e7bca79}

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900

Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900

CodeIntegrity Errors:
===================================
Date: 2015-04-18 12:42:00.961
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-18 12:41:15.820
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:36:00.565 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:35:36.290 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:21:30.354 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:19:31.255 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:19:24.012 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:16:26.092 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 19:06:26.771 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 15:20:32.225 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz Percentage of memory in use: 47% Total physical RAM: 3062.3 MB Available physical RAM: 1599.38 MB Total Pagefile: 6122.89 MB Available Pagefile: 4276.36 MB Total Virtual: 2047.88 MB Available Virtual: 1918.76 MB ==================== Drives ================================ Drive c: (Bobby) (Fixed) (Total:172.78 GB) (Free:40.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:292.97 GB) (Free:135.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 1678649D) Partition 1: (Active) - (Size=172.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
18.04.2015, 19:52 | #10 |
| Tabs load on their own with advertising in all browsers on W7 32bit And here from the XP SP3 netbook FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2015 01 Ran by VB (administrator) on AKOYA on 18-04-2015 20:33:10 Running from C:\Dokumente und Einstellungen\VB\Desktop Loaded Profiles: VB (Available profiles: VB & Administrator) Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgwdsvc.exe (Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe (Foxit Software Inc.) C:\Programme\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe () C:\WINDOWS\system32\PSIService.exe () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe (TeamViewer GmbH) C:\Programme\TeamViewer\TeamViewer_Service.exe () C:\Programme\Join Air\AssistantServices.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgnsx.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgemcx.exe (Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (CANON INC.) 
C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgui.exe (Piriform Ltd) C:\Programme\CCleaner\CCleaner.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgrsx.exe (Dropbox, Inc.) C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\Dropbox.exe (AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2015\avgcsrvx.exe (Apple Inc.) C:\Programme\iPod\bin\iPodService.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Programme\Synaptics\SynTP\SynTPEnh.exe [1028096 2008-01-11] (Synaptics, Inc.) HKLM\...\Run: [UCam_Menu] => C:\Programme\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-09-13] (CyberLink Corp.) HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Programme\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation) HKLM\...\Run: [AVG_UI] => C:\Programme\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) 
HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\Run: [CCleaner Monitoring] => C:\Programme\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\MountPoints2: {65dbbaf8-2a2a-11dd-86eb-0015afb79a11} - E:\LaunchU3.exe HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\MountPoints2: {72645776-a291-11e4-8020-0015afbb904b} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Vertriebsportal.exe Startup: C:\Dokumente und Einstellungen\VB\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Dokumente und Einstellungen\VB\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.web.de/ SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Programme\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH) DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: https\oledb - 
{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies) Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Mozilla\Firefox\Profiles\p55oxyrv.default FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\programme\real\realplayer\Netscape6\nppl3260.dll [2013-09-25] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) 
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\programme\real\realplayer\Netscape6\nprpplugin.dll [2013-09-25] (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Programme\BullGuard Software\BullGuard\antispam\tbspamfilter Chrome: ======= CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-08-28] (Apple Inc.) R2 AVGIDSAgent; C:\Programme\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Programme\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-31] (Apple Inc.) S3 FirebirdServerMAGIXInstance; C:\Programme\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed] R2 FoxitCloudUpdateService; C:\Programme\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-13] (Foxit Software Inc.) S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [107912 2014-10-28] (Google Inc.) S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107912 2014-10-28] (Google Inc.) R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2014-09-01] (Apple Inc.) 
S2 MBAMService; C:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S3 Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148592 2015-04-17] (Mozilla Foundation) S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation) S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation) R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] () [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [158856 2012-02-29] (Skype Technologies) R2 TeamViewer; C:\Programme\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) R2 UI Assistant Service; C:\Programme\Join Air\AssistantServices.exe [247152 2010-04-27] () S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [209376 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) 
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) R3 avmaura; C:\WINDOWS\System32\DRIVERS\avmaura.sys [105728 2013-02-12] (AVM Berlin) [File not signed] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 CSRBC; C:\WINDOWS\System32\Drivers\csrbcxp.sys [27008 2008-10-24] (CSR) [File not signed] S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.) R0 hotcore3; C:\WINDOWS\System32\drivers\hotcore3.sys [38448 2007-03-07] (Paragon Software Group) S3 Ltn_stk7070P; C:\WINDOWS\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-10-19] (LITEON) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [572416 2007-11-15] (Ralink Technology, Corp.) 
S3 btaudio; system32\drivers\btaudio.sys [X] S3 BTDriver; system32\DRIVERS\btport.sys [X] S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X] S3 btwhid; system32\DRIVERS\btwhid.sys [X] S3 cpuz135; \??\C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys [X] U3 DfSdkS; No ImagePath S3 dtwmnic5; system32\DRIVERS\dtwmnic5.sys [X] S4 IntelIde; No ImagePath S3 lmimirr; system32\DRIVERS\lmimirr.sys [X] S3 Netaapl; system32\DRIVERS\netaapl.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 ulisa; System32\Drivers\ulisa.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] U1 WS2IFSL; No ImagePath U4 WSearch; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-18 20:31 - 2015-04-18 20:31 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Desktop\FRST-OlderVersion 2015-04-17 23:54 - 2015-04-17 23:55 - 00003337 _____ () C:\WINDOWS\KB2900986.log 2015-04-17 23:27 - 2015-04-17 23:27 - 00000778 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Firefox Developer Edition.lnk 2015-04-17 23:27 - 2015-04-17 23:27 - 00000772 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Firefox Developer Edition.lnk 2015-04-17 23:27 - 2015-04-17 23:27 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service 2015-04-17 23:27 - 2015-04-17 23:27 - 00000000 ____D () C:\Programme\Firefox Developer Edition 2015-04-15 23:17 - 2015-04-15 22:38 - 02686088 _____ (Thisisu) C:\Dokumente und Einstellungen\VB\Desktop\JRT_NEW.exe 2015-04-15 23:12 - 2015-04-15 23:13 - 00027017 _____ () C:\Dokumente und Einstellungen\VB\Desktop\Addition.txt 2015-04-12 23:20 - 2015-04-12 23:20 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\ESET 
2015-04-12 17:34 - 2015-04-12 17:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Foxit Software 2015-04-12 17:33 - 2015-04-12 17:33 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Foxit Reader 2015-04-12 17:32 - 2015-04-12 17:32 - 00000000 ____D () C:\Programme\Foxit Software 2015-04-12 16:38 - 2015-04-12 16:35 - 00240351 _____ () C:\Dokumente und Einstellungen\VB\Desktop\RemoveFake99Antivirus.exe 2015-04-12 09:12 - 2015-04-12 09:12 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\Avg2015 2015-04-12 09:10 - 2015-04-12 09:10 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\vlc 2015-04-12 09:08 - 2015-04-12 10:19 - 00000190 ___SH () C:\Dokumente und Einstellungen\Administrator.AKOYA\ntuser.ini 2015-04-12 09:08 - 2015-04-12 09:08 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator.AKOYA\IETldCache 2015-04-12 09:08 - 2015-04-12 09:08 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA 2015-04-12 09:08 - 2015-02-23 11:14 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\TuneUp Software 2015-04-12 09:08 - 2012-01-17 09:20 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Verlauf 2015-04-12 09:08 - 2011-11-10 07:48 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Temp 2015-04-12 09:08 - 2011-08-14 19:49 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme 2015-04-12 09:08 - 2008-06-10 12:35 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme\Home Cinema 2015-04-12 09:08 - 2008-06-10 12:23 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\InstallShield 2015-04-12 09:08 - 2008-06-10 12:21 - 00000787 _____ () C:\Dokumente und 
Einstellungen\Administrator.AKOYA\Startmenü\Programme\Internet Explorer.lnk 2015-04-12 09:08 - 2008-06-10 12:21 - 00000722 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme\Outlook Express.lnk 2015-04-12 09:08 - 2008-06-10 12:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Eigene Dateien\Eigene Musik 2015-04-12 09:08 - 2008-06-10 12:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Eigene Dateien\Eigene Bilder 2015-04-12 09:08 - 2008-05-27 03:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Eigene Dateien\Youcam 2015-04-12 09:08 - 2008-05-26 09:54 - 00001661 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Desktop\ALDI Nord Fotoservice.lnk 2015-04-12 09:08 - 2008-05-26 09:37 - 00000009 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\mdb.bin 2015-04-12 09:08 - 2008-05-26 09:37 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\ALDI Nord Fotoservice 2015-04-12 09:08 - 2008-05-26 09:37 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Desktop\Meine bevorzugten Programme 2015-04-12 09:08 - 2008-05-26 08:15 - 00001691 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Desktop\ALDI Homepage.lnk 2015-04-12 09:08 - 2008-05-26 03:37 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\BullGuard 2015-04-12 09:08 - 2008-05-26 03:18 - 00049576 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2015-04-12 09:08 - 2008-05-25 09:21 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\U3 2015-04-12 09:08 - 2008-05-24 17:26 - 00000000 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\Default.PLS 2015-04-12 09:08 - 2008-05-24 16:29 - 00000000 ____D () C:\Dokumente und 
Einstellungen\Administrator.AKOYA\Anwendungsdaten\Sun
2015-04-12 09:08 - 2008-05-24 16:18 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-04-12 09:08 - 2008-05-24 15:48 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\Adobe
2015-04-12 09:08 - 2008-05-24 15:39 - 00003584 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-12 09:08 - 2008-05-24 14:07 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Lokale Einstellungen\Anwendungsdaten\WMTools Downloaded Files
2015-04-12 09:08 - 2008-05-24 14:03 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator.AKOYA\Anwendungsdaten\Macromedia
2015-04-12 09:08 - 2008-05-24 13:08 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme\Zubehör
2015-04-12 09:08 - 2008-05-24 12:33 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator.AKOYA\UserData
2015-04-12 09:08 - 2008-05-24 12:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme\Autostart
2015-04-12 09:08 - 2008-05-24 12:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü
2015-04-12 09:08 - 2008-05-24 12:11 - 00000000 ___HD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Netzwerkumgebung
2015-04-12 09:08 - 2008-05-24 12:11 - 00000000 ___HD () C:\Dokumente und Einstellungen\Administrator.AKOYA\Druckumgebung
2015-04-12 09:08 - 2008-05-24 11:22 - 00001599 _____ () C:\Dokumente und Einstellungen\Administrator.AKOYA\Startmenü\Programme\Remoteunterstützung.lnk
2015-04-12 04:35 - 2015-04-12 04:35 - 00005381 _____ () C:\Dokumente und Einstellungen\VB\Desktop\gmer 11.4.15.log
2015-04-11 20:25 - 2015-04-18 20:37 - 00018922 _____ () C:\Dokumente und Einstellungen\VB\Desktop\FRST.txt
2015-04-11 20:15 - 2015-04-12 16:25 - 00002368 _____ () C:\Dokumente und Einstellungen\VB\Desktop\FSS.txt
2015-04-11 16:30 - 2015-04-11 16:30 - 01107968 _____ () C:\Dokumente und Einstellungen\VB\Desktop\RSIT.exe
2015-04-11 16:26 - 2015-04-11 16:26 - 00380416 _____ () C:\Dokumente und Einstellungen\VB\Desktop\Gmer-19357.exe
2015-04-11 16:25 - 2015-04-11 16:25 - 00415232 _____ (Farbar) C:\Dokumente und Einstellungen\VB\Desktop\FSS.exe
2015-04-11 16:21 - 2015-04-18 20:31 - 01137664 _____ (Farbar) C:\Dokumente und Einstellungen\VB\Desktop\FRST.exe
2015-04-10 23:22 - 2015-04-17 23:19 - 00000000 ____D () C:\Programme\Power Commander 5
2015-04-10 23:22 - 2015-04-10 23:23 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Eigene Dateien\Power Commander 5
2015-04-08 20:26 - 2015-04-08 20:26 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Apple
2015-04-08 19:11 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mpe.sys
2015-04-08 19:11 - 2008-04-14 00:16 - 00015232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MPE.sys
2015-04-08 19:10 - 2008-04-14 07:53 - 00056832 ____C () C:\WINDOWS\system32\dllcache\msdvbnp.ax
2015-04-08 19:10 - 2008-04-14 07:53 - 00056832 _____ () C:\WINDOWS\system32\MSDvbNP.ax
2015-04-08 19:10 - 2008-04-14 07:53 - 00033280 ____C () C:\WINDOWS\system32\dllcache\psisrndr.ax
2015-04-08 19:10 - 2008-04-14 07:53 - 00033280 _____ () C:\WINDOWS\system32\PsisRndr.ax
2015-04-08 19:10 - 2008-04-14 07:53 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdaplgin.ax
2015-04-08 19:10 - 2008-04-14 07:53 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdaPlgIn.ax
2015-04-08 19:10 - 2008-04-14 07:52 - 00363520 ____C () C:\WINDOWS\system32\dllcache\psisdecd.dll
2015-04-08 19:10 - 2008-04-14 07:52 - 00363520 _____ () C:\WINDOWS\system32\PsisDecd.dll
2015-04-08 19:10 - 2008-04-14 00:16 - 00011776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdasup.sys
2015-04-08 19:10 - 2008-04-14 00:16 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BdaSup.sys
2015-04-08 19:06 - 2007-10-19 10:37 - 00466048 _____ (LITEON) C:\WINDOWS\system32\Drivers\Ltn_stk7070P.sys
2015-04-07 00:58 - 2015-04-07 00:58 - 00000697 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
2015-04-07 00:18 - 2015-04-11 16:54 - 00013178 _____ () C:\Dokumente und Einstellungen\VB\Desktop\dds.txt
2015-04-07 00:18 - 2015-04-11 16:54 - 00009647 _____ () C:\Dokumente und Einstellungen\VB\Desktop\attach.txt
2015-04-05 05:28 - 2015-04-05 05:28 - 00688992 ____R (Swearware) C:\Dokumente und Einstellungen\VB\Desktop\dds.exe
2015-04-03 01:39 - 2015-04-16 15:39 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes Anti-Exploit
2015-04-03 00:49 - 2015-04-03 00:49 - 00000000 ____D () C:\RegBackup
2015-04-02 23:11 - 2015-04-11 20:11 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-04-02 23:06 - 2015-04-11 20:11 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Desktop\mbar
2015-04-02 07:52 - 2015-04-02 08:03 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Adblock Plus for IE
2015-04-02 01:16 - 2015-04-02 08:04 - 00000000 ____D () C:\Programme\Adblock Plus for IE
2015-04-02 01:16 - 2015-04-02 01:16 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Adblock Plus for IE
2015-03-31 09:08 - 2015-03-31 09:08 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\AVG2015
2015-03-31 09:05 - 2015-03-31 09:05 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2015-03-31 09:01 - 2015-03-31 09:06 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2015
2015-03-31 09:00 - 2015-03-31 09:00 - 00000000 ____D () C:\Programme\AVG
2015-03-31 08:58 - 2015-03-31 12:44 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Avg2015
2015-03-30 01:53 - 2015-03-31 07:52 - 00000895 _____ () C:\Dokumente und Einstellungen\VB\Desktop\Revo Uninstaller.lnk
2015-03-30 01:53 - 2015-03-31 07:52 - 00000000 ____D () C:\Programme\VS Revo Group
2015-03-29 16:15 - 2015-03-29 16:15 - 00000000 __SHD () C:\Dokumente und Einstellungen\VB\IECompatCache
2015-03-29 03:49 - 2015-04-12 09:13 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 03:48 - 2015-04-11 17:04 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-29 03:48 - 2015-03-29 03:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware
2015-03-29 03:48 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-28 21:16 - 2015-03-28 21:17 - 00000000 ____D () C:\rsit
2015-03-28 21:11 - 2015-04-18 20:33 - 00000000 ____D () C:\FRST
2015-03-27 07:06 - 2015-03-27 07:06 - 00000000 ____D () C:\Programme\DIFX
2015-03-25 11:24 - 2015-03-25 11:24 - 00209376 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 20:39 - 2011-08-14 19:49 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Temp
2015-04-18 20:36 - 2015-01-16 20:50 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2015-04-18 20:36 - 2013-12-16 23:32 - 01429954 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-18 20:31 - 2013-11-12 09:02 - 00000000 ___RD () C:\Dropbox
2015-04-18 20:31 - 2011-09-09 23:18 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox
2015-04-18 20:30 - 2012-01-17 01:58 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-18 20:30 - 2012-01-17 01:58 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-04-18 20:29 - 2014-05-13 09:01 - 00000216 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
2015-04-18 20:29 - 2013-07-14 12:59 - 00000264 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3723609652-2428323770-3075966341-1006.job
2015-04-18 20:29 - 2008-05-24 11:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-18 00:01 - 2011-08-14 19:49 - 00000190 ___SH () C:\Dokumente und Einstellungen\VB\ntuser.ini
2015-04-18 00:01 - 2008-05-24 11:27 - 00032408 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-17 23:27 - 2008-05-24 12:12 - 00000000 ___RD () C:\Programme
2015-04-17 23:27 - 2008-05-24 12:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-04-17 23:22 - 2008-05-24 13:06 - 00000000 ____D () C:\WINDOWS\ie7updates
2015-04-17 23:21 - 2012-01-14 00:30 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2015-04-17 23:21 - 2011-08-15 08:49 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2015-04-17 23:21 - 2011-08-14 19:49 - 00000000 ____D () C:\Dokumente und Einstellungen\VB
2015-04-17 23:21 - 2008-05-24 13:06 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-04-17 23:11 - 2008-05-24 13:04 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2015-04-17 23:11 - 2008-05-24 12:58 - 00000000 ____D () C:\WINDOWS\system32\de-de
2015-04-17 21:26 - 2008-04-14 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-16 09:42 - 2014-05-12 22:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 23:24 - 2015-03-15 15:47 - 00000000 ____D () C:\Programme\trend micro
2015-04-15 20:26 - 2014-09-17 09:31 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-04-15 19:20 - 2011-08-14 19:49 - 00000000 ___RD () C:\Dokumente und Einstellungen\VB\Startmenü\Programme\Autostart
2015-04-15 19:19 - 2011-09-09 23:19 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Startmenü\Programme\Dropbox
2015-04-13 07:36 - 2014-12-18 09:59 - 00000000 ____D () C:\Programme\Canon
2015-04-12 17:40 - 2013-12-30 21:01 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Foxit Software
2015-04-11 20:13 - 2015-03-03 08:49 - 00000000 ____D () C:\Malware
2015-04-11 16:43 - 2014-05-27 01:51 - 00000000 ____D () C:\AdwCleaner
2015-04-11 00:03 - 2013-05-12 16:59 - 00000000 ____D () C:\Programme\TeamViewer
2015-04-08 22:17 - 2008-05-24 12:12 - 01394876 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-08 22:04 - 2008-05-24 11:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temp
2015-04-08 22:01 - 2008-05-24 12:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2015-04-07 22:52 - 2011-08-14 21:39 - 00000730 _____ () C:\Dokumente und Einstellungen\VB\Desktop\shutdown.lnk
2015-04-07 22:38 - 2014-08-28 08:16 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-04-06 22:15 - 2015-03-15 17:25 - 00004979 _____ () C:\DelFix.txt
2015-04-06 16:54 - 2008-05-24 14:34 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-04-06 11:10 - 2012-03-02 14:45 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-06 09:59 - 2012-01-14 00:24 - 00000000 ____D () C:\Programme\Microsoft.NET
2015-04-06 08:36 - 2012-11-23 08:13 - 00002486 ____C () C:\WINDOWS\system32\ASOROSet.bin
2015-04-06 08:36 - 2008-05-24 13:09 - 40370176 _____ () C:\WINDOWS\system32\config\software.bak
2015-04-06 08:36 - 2008-05-24 13:09 - 08912896 _____ () C:\WINDOWS\system32\config\system.bak
2015-04-06 08:36 - 2008-05-24 12:10 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2015-04-06 08:36 - 2008-05-24 11:27 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService
2015-04-06 08:35 - 2008-05-24 11:26 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-04-06 08:31 - 2008-05-24 12:10 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.bak
2015-04-06 08:29 - 2014-09-08 06:58 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Desktop\Garmin
2015-04-06 08:29 - 2012-11-23 08:13 - 00000000 ____D () C:\WINDOWS\system32\config\RCCBakup
2015-04-06 08:29 - 2011-08-15 11:11 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Desktop\Dienste
2015-04-06 08:29 - 2011-08-14 19:49 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Desktop\Meine bevorzugten Programme
2015-04-03 02:25 - 2008-05-24 16:17 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2015-04-03 01:27 - 2015-02-03 09:49 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware
2015-04-02 09:55 - 2008-05-24 16:30 - 00000000 ____D () C:\Programme\Java
2015-04-01 11:22 - 2008-05-24 13:04 - 125832184 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-01 08:21 - 2011-08-14 19:49 - 00000000 ___HD () C:\Dokumente und Einstellungen\VB\Netzwerkumgebung
2015-03-31 09:01 - 2015-01-23 02:25 - 00000000 ___HD () C:\$AVG
2015-03-31 08:57 - 2011-08-14 20:33 - 00000000 ____D () C:\WU Temp
2015-03-31 07:52 - 2011-08-14 19:49 - 00000000 ___RD () C:\Dokumente und Einstellungen\VB\Startmenü\Programme
2015-03-29 15:48 - 2013-07-14 12:59 - 00000272 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3723609652-2428323770-3075966341-1006.job
2015-03-29 09:01 - 2012-02-18 18:30 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Thunderbird
2015-03-29 03:35 - 2012-06-26 12:00 - 00000000 ____D () C:\Programme\Biet-O-Matic
2015-03-29 03:35 - 2012-06-26 12:00 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Biet-O-Matic
2015-03-28 19:50 - 2013-10-18 23:44 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
2015-03-28 08:21 - 2013-09-26 19:50 - 00000000 ____D () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Garmin
2015-03-28 08:21 - 2013-09-26 19:50 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Garmin
2015-03-28 08:19 - 2013-04-07 07:26 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Garmin
2015-03-28 08:19 - 2013-04-07 07:17 - 00000000 ____D () C:\Programme\Garmin
2015-03-28 08:03 - 2012-07-20 20:38 - 00000660 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
2015-03-28 08:02 - 2011-08-14 21:19 - 00000000 ____D () C:\Programme\CCleaner
2015-03-27 13:56 - 2011-08-15 09:13 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 06:59 - 2015-01-23 01:51 - 00103576 _____ () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-03-20 22:29 - 2015-01-17 19:47 - 00352976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-20 14:54 - 2014-10-30 20:59 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Beratungsrechner
2015-03-20 14:52 - 2011-08-15 09:13 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

==================== Files in the root of some directories =======

2014-11-15 13:08 - 2014-11-15 13:08 - 6000640 _____ () C:\Programme\GUT3.tmp
2011-08-14 19:49 - 2008-05-24 17:26 - 0000000 ____C () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Default.PLS
2013-12-10 16:06 - 2013-12-10 16:06 - 0000373 ____C () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\dpdhl.versandhelfer_state.xml
2011-08-14 19:49 - 2013-02-26 10:39 - 0000009 ____C () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\mdb.bin
2011-08-14 21:53 - 2011-08-14 21:53 - 0000177 ___HC () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\xpy.ini
2011-08-14 19:49 - 2015-03-06 02:34 - 0011776 ____C () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-07 03:04 - 2013-03-07 03:05 - 0000093 ____C () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Notizzettelsettings.ini
2013-05-13 14:29 - 2015-01-11 14:54 - 0000600 ____C () C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5bxeyt.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-04-2015 01
Ran by VB at 2015-04-18 20:40:21
Running from C:\Dokumente und Einstellungen\VB\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adblock Plus für IE (32-Bit) (HKLM\...\{654F389B-E402-4F7B-BA6D-DA732BB57ACB}) (Version: 1.4 - Eyeo GmbH)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Azurewave Wireless LAN (HKLM\...\{F3D92514-CD5D-4E96-BE88-8258EB9BF85A}) (Version: 1.00.0000 - Azurewave)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1622 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
Eraser 5.8.7 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.7 - The Eraser Project)
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Firefox Developer Edition 39.0a2 (x86 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x86 de)) (Version: 39.0a2 - Mozilla)
FixFoto 2.78 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.9.56.313 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
Garmin BaseCamp (HKLM\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hotfix für Windows Internet Explorer 7 (KB947864) (Version: 1 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
KONICA MINOLTA Universal PCL (HKLM\...\KONICA MINOLTA Universal PCL) (Version: - KONICA MINOLTA)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version: - )
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MEDION Fotos auf CD Nord (HKLM\...\MEDION Fotos auf CD Nord D) (Version: 6.0.2.0 - MAGIX AG)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows XP Media Center SDK (HKLM\...\{8E5E7E92-9E38-415C-BEE8-616C303427F8}) (Version: 2.0.1 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0a2 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Nur Deinstallierung der CopyTrans Suite möglich. (HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\...\CopyTrans Suite) (Version: 2.27 - WindSolutions)
Paragon Partition Manager 8.5 Enterprise Server Edition (HKLM\...\{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}) (Version: - )
Photo And Book (HKLM\...\Photo And Book) (Version: 7.2 - Noritsu)
PrintKey2000 (HKLM\...\PrintKey2000) (Version: - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.16.0001 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5618 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 1.00.0000 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Skype™ 5.8 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SRC System™ Upgrades (HKLM\...\{EB38E598-181D-4CD7-800F-A4F525ECEC56}) (Version: 3.0.6 - SRC Systems)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.3.0 - Synaptics)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Update für Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
USB 2.0 Card Reader (HKLM\...\{D10CB652-9332-4242-B7A9-2D61570144F7}) (Version: 1.0.0.0 - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3723609652-2428323770-3075966341-1006_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-04-2015 22:14:34 Software Distribution Service 3.0
06-04-2015 22:14:34 Ende der Bereinigung
06-04-2015 22:14:34 Ende der Bereinigung
06-04-2015 22:14:35 Garmin Express
06-04-2015 22:14:36 Garmin Express
06-04-2015 22:14:36 I.R.I.S. OCR wird entfernt
06-04-2015 22:14:38 Removed MSXML 4.0 SP2 (KB954430)
06-04-2015 22:14:38 Revo Uninstaller's restore point - AVG 2015
06-04-2015 22:14:38 AVG 2015 wurde entfernt
06-04-2015 22:14:39 AVG 2015 wurde entfernt
06-04-2015 22:14:39 Revo Uninstaller's restore point - Mozilla Firefox 36.0.4 (x86 de)
06-04-2015 22:14:39 AVG 2015 wurde installiert
06-04-2015 22:14:39 AVG 2015 wurde installiert
06-04-2015 22:14:39 Revo Uninstaller's restore point - Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
06-04-2015 22:14:40 Revo Uninstaller's restore point - Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
06-04-2015 22:14:40 Revo Uninstaller's restore point - Mozilla Firefox 36.0.4 (x86 de)
06-04-2015 22:14:40 Software Distribution Service 3.0
06-04-2015 22:14:41 Revo Uninstaller's restore point - Mozilla Firefox 36.0.4 (x86 de)
06-04-2015 22:14:41 Adblock Plus for IE (32-bit) wird installiert
06-04-2015 22:14:41 Adblock Plus for IE (32-bit) wird installiert
06-04-2015 22:14:41 Revo Uninstaller's restore point - Java Auto Updater
06-04-2015 22:14:42 Removed Java Auto Updater
06-04-2015 22:14:42 Revo Uninstaller's restore point - JavaFX 2.1.1
06-04-2015 22:14:42 JavaFX 2.1.1 wird entfernt
06-04-2015 22:14:42 Revo Uninstaller's restore point - Java(TM) 6 Update 22
06-04-2015 22:14:43 Removed Java(TM) 6 Update 22
06-04-2015 22:14:43 Revo Uninstaller's restore point - Java 7 Update 67
06-04-2015 22:14:43 Removed Java 7 Update 67
06-04-2015 22:14:44 Revo Uninstaller's restore point - Adobe Reader XI (11.0.08) - Deutsch
06-04-2015 22:14:44 Revo Uninstaller's restore point - Adobe Flash Player 16 ActiveX
06-04-2015 22:14:44 Revo Uninstaller's restore point - Adobe Flash Player 17 NPAPI
06-04-2015 22:14:45 WinThruster Mo, Apr 06, 15 02:58
06-04-2015 22:14:45 Revo Uninstaller's restore point - WinThruster
06-04-2015 22:14:45 Revo Uninstaller's restore point - Google Update Helper
06-04-2015 22:14:45 Revo Uninstaller's restore point - Google Update Helper
06-04-2015 22:14:45 Revo Uninstaller's restore point - Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
06-04-2015 22:14:45 Revo Uninstaller's restore point - Microsoft .NET Framework 2.0 Service Pack 2
06-04-2015 22:14:46 Revo Uninstaller's restore point - Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
06-04-2015 22:14:46 Revo Uninstaller's restore point - Microsoft .NET Framework 3.0 Service Pack 2
06-04-2015 22:14:46 Revo Uninstaller's restore point - Microsoft .NET Framework 3.5 SP1
06-04-2015 22:14:47 Revo Uninstaller's restore point - Microsoft .NET Framework 4 Client Profile
06-04-2015 22:14:48 Revo Uninstaller's restore point - Microsoft .NET Framework 4 Extended
06-04-2015 22:14:48 Revo Uninstaller's restore point - Microsoft User-Mode Driver Framework Feature Pack 1.0
06-04-2015 22:14:48 Revo Uninstaller's restore point - Microsoft User-Mode Driver Framework Feature Pack 1.0
06-04-2015 22:14:49 Revo Uninstaller's restore point - WinThruster
06-04-2015 22:14:49 Revo Uninstaller's restore point - Wudf01000
06-04-2015 22:14:49 Revo Uninstaller's restore point - Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
06-04-2015 22:14:57 Ende der Bereinigung
07-04-2015 01:07:55 Revo Uninstaller's restore point - Microsoft Silverlight
07-04-2015 01:08:58 Removed Microsoft Silverlight
07-04-2015 23:08:54 Revo Uninstaller's restore point - Adobe Flash Player 17 NPAPI
08-04-2015 22:00:44 Installed Microsoft Windows XP Media Center SDK
11-04-2015 18:05:00 Systemprüfpunkt
12-04-2015 17:34:56 Druckertreiber Foxit Reader PDF Printer Driver installiert
12-04-2015 17:49:00 Installed ESET NOD32 Antivirus
13-04-2015 07:30:30 Revo Uninstaller's restore point - HDClone 4.3.7 Free Edition
13-04-2015 07:36:35 Revo Uninstaller's restore point - Canon MX920 series Benutzerregistrierung
13-04-2015 07:38:48 Revo Uninstaller's restore point - Canon MX920 series On-screen Manual
13-04-2015 07:41:57 Revo Uninstaller's restore point - ESET NOD32 Antivirus
13-04-2015 07:43:17 Removed ESET NOD32 Antivirus
15-04-2015 23:35:24 Revo Uninstaller's restore point - Mozilla Firefox 37.0.1 (x86 de)
16-04-2015 09:40:23 Software Distribution Service 3.0
17-04-2015 21:38:55 Revo Uninstaller's restore point - Mozilla Firefox 37.0.1 (x86 de)
17-04-2015 22:41:50 Revo Uninstaller's restore point - Mozilla Firefox 37.0.1 (x86 de)
17-04-2015 23:00:42 Revo Uninstaller's restore point - Sicherheitsupdate für Windows Internet Explorer 7 (KB2544521)
17-04-2015 23:02:43 Revo Uninstaller's restore point - Malwarebytes Anti-Exploit version 1.05.1.1016
17-04-2015 23:05:56 Revo Uninstaller's restore point - Sicherheitsupdate für Windows Internet Explorer 7 (KB2559049)
17-04-2015 23:07:34 Revo Uninstaller's restore point - Sicherheitsupdate für Windows Internet Explorer 7 (KB2618444)
17-04-2015 23:08:59 Revo Uninstaller's restore point - Sicherheitsupdate für Windows Internet Explorer 7 (KB2647516)
17-04-2015 23:10:22 Revo Uninstaller's restore point - Sicherheitsupdate für Windows Internet Explorer 7 (KB2675157)
17-04-2015 23:54:47 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 14:00 - 2008-04-14 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\AutoKMSCustom.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\Critical Battery Alarm Program.job => AN ?iFb VB
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3723609652-2428323770-3075966341-1006.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3723609652-2428323770-3075966341-1006.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 00174656 _____ () C:\WINDOWS\system32\PSIService.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-11-11 15:42 - 2010-04-27 17:57 - 00247152 _____ () C:\Programme\Join Air\AssistantServices.exe
2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Programme\CCleaner\lang\lang-1031.dll
2015-04-18 20:30 - 2015-04-18 20:30 - 00043008 _____ () c:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5bxeyt.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Dokumente und Einstellungen\VB\Anwendungsdaten\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Malware:com.dropbox.attributes
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FF81EB0

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3723609652-2428323770-3075966341-1006\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Printkey2000.lnk => C:\WINDOWS\pss\Printkey2000.lnkCommon Startup MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^VB^Startmenü^Programme^Autostart^OpenOffice.org 3.3.lnk => C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup MSCONFIG\startupreg: APSDaemon => "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent MSCONFIG\startupreg: Eraser => C:\Programme\Eraser\eraser.exe -hide MSCONFIG\startupreg: Google Update => "C:\Dokumente und Einstellungen\VB\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: iTunesHelper => "C:\Programme\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k MSCONFIG\startupreg: QuickTime Task => "C:\Programme\QuickTime\qttask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized MSCONFIG\startupreg: SpUninstallCleanUp => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f MSCONFIG\startupreg: UIExec => "C:\Programme\Join Air\UIExec.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-3723609652-2428323770-3075966341-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator.AKOYA ASPNET (S-1-5-21-3723609652-2428323770-3075966341-1008 - Limited - Enabled) Gast (S-1-5-21-3723609652-2428323770-3075966341-501 - Limited - Enabled) Hilfeassistent (S-1-5-21-3723609652-2428323770-3075966341-1005 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-3723609652-2428323770-3075966341-1002 - Limited - Disabled) VB (S-1-5-21-3723609652-2428323770-3075966341-1006 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\VB ==================== Faulty Device Manager Devices ============= Name: Realtek RTL8102E 
Family PCI-E Fast Ethernet NIC Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Realtek Semiconductor Corp. Service: RTLE8023xp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (04/18/2015 08:30:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/18/2015 08:30:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate). Error: (04/17/2015 11:23:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/17/2015 11:23:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate). 
Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz Percentage of memory in use: 69% Total physical RAM: 1013.23 MB Available physical RAM: 311.15 MB Total Pagefile: 2439.7 MB Available Pagefile: 1745.37 MB Total Virtual: 2047.88 MB Available Virtual: 1955.68 MB ==================== Drives ================================ Drive c: (Gustav) (Fixed) (Total:132.8 GB) (Free:53.09 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (RECOVER) (Fixed) (Total:16.23 GB) (Free:10.26 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 3D0C84E3) Partition 1: (Active) - (Size=132.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=16.3 GB) - (Type=0C) ==================== End Of Log ============================ Thanks in advance |
19.04.2015, 07:31 | #11 |
/// the machine /// TB trainer | Tabs load on their own with advertising in all browsers on W7 32bit Please do the following on any one of the computers: Download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
19.04.2015, 10:15 | #12 |
| Tabs load on their own with advertising in all browsers on W7 32bit Here is Result.txt from MiniToolBox Code:
MiniToolBox by Farbar Version: 14-04-2015 Ran by VB (administrator) on 19-04-2015 at 11:06:30 Running from "C:\Users\VB\Downloads" Microsoft Windows 7 Ultimate Service Pack 1 (X86) Model: 7673C44 Manufacturer: LENOVO Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= ========================= IP Configuration: ================================ Intel(R) Wireless WiFi Link 4965AGN = Drahtlosnetzwerkverbindung (Connected) Intel(R) 82566MM-Gigabit-Netzwerkverbindung = LAN-Verbindung (Media disconnected) Bluetooth-Gerät (PAN) = Bluetooth-Netzwerkverbindung (Media disconnected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.178.179 metric=1 publish=Ja popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : Thinkpad_X61 Primäres DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Hybrid IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : fritz.box Ethernet-Adapter Bluetooth-Netzwerkverbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Bluetooth-Gerät (PAN) Physikalische Adresse . . . . . . : 00-22-69-C6-B5-40 DHCP aktiviert. . . . . . 
. . . . : Ja Autokonfiguration aktiviert . . . : Ja Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung: Verbindungsspezifisches DNS-Suffix: fritz.box Beschreibung. . . . . . . . . . . : Intel(R) Wireless WiFi Link 4965AGN Physikalische Adresse . . . . . . : 00-21-5C-52-16-2D DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::7d69:dae8:1150:274f%12(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.178.179(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Sonntag, 19. April 2015 10:55:50 Lease läuft ab. . . . . . . . . . : Mittwoch, 29. April 2015 10:55:50 Standardgateway . . . . . . . . . : 192.168.178.1 DHCP-Server . . . . . . . . . . . : 192.168.178.1 DHCPv6-IAID . . . . . . . . . . . : 234889564 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-19-7E-D9-A1-00-1D-72-9A-FB-15 DNS-Server . . . . . . . . . . . : 192.168.178.1 NetBIOS über TCP/IP . . . . . . . : Aktiviert Ethernet-Adapter LAN-Verbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Intel(R) 82566MM-Gigabit-Netzwerkverbindung Physikalische Adresse . . . . . . : 00-1D-72-9A-FB-15 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Tunneladapter isatap.fritz.box: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 13: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: fritz.box Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2 Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . 
: Ja Tunneladapter LAN-Verbindung* 14: Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:90d7:24de:250a:439f:437f(Bevorzugt) Verbindungslokale IPv6-Adresse . : fe80::24de:250a:439f:437f%19(Bevorzugt) Standardgateway . . . . . . . . . : :: NetBIOS über TCP/IP . . . . . . . : Deaktiviert Server: fritz.box Address: 192.168.178.1 Name: google.com Addresses: 2a00:1450:4005:808::1009 173.194.113.128 173.194.113.137 173.194.113.129 173.194.113.131 173.194.113.142 173.194.113.132 173.194.113.130 173.194.113.133 173.194.113.135 173.194.113.134 173.194.113.136 Ping wird ausgeführt für google.com [173.194.113.128] mit 32 Bytes Daten: Antwort von 173.194.113.128: Bytes=32 Zeit=22ms TTL=54 Antwort von 173.194.113.128: Bytes=32 Zeit=22ms TTL=54 Ping-Statistik für 173.194.113.128: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 22ms, Maximum = 22ms, Mittelwert = 22ms Server: fritz.box Address: 192.168.178.1 Name: yahoo.com Addresses: 206.190.36.45 98.138.253.109 98.139.183.24 Ping wird ausgeführt für yahoo.com [206.190.36.45] mit 32 Bytes Daten: Antwort von 206.190.36.45: Bytes=32 Zeit=196ms TTL=47 Antwort von 206.190.36.45: Bytes=32 Zeit=191ms TTL=47 Ping-Statistik für 206.190.36.45: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 191ms, Maximum = 196ms, Mittelwert = 193ms Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Ping-Statistik für 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. 
Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 16...00 22 69 c6 b5 40 ......Bluetooth-Gerät (PAN) 12...00 21 5c 52 16 2d ......Intel(R) Wireless WiFi Link 4965AGN 11...00 1d 72 9a fb 15 ......Intel(R) 82566MM-Gigabit-Netzwerkverbindung 1...........................Software Loopback Interface 1 17...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter 20...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.179 25 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 169.254.0.0 255.255.0.0 Auf Verbindung 192.168.178.179 26 169.254.255.255 255.255.255.255 Auf Verbindung 192.168.178.179 281 192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.179 281 192.168.178.179 255.255.255.255 Auf Verbindung 192.168.178.179 281 192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.179 281 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.179 281 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.179 281 =========================================================================== Ständige Routen: Netzwerkadresse Netzmaske Gatewayadresse Metrik 169.254.0.0 255.255.0.0 192.168.178.179 1 =========================================================================== IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 
19 58 ::/0 Auf Verbindung 1 306 ::1/128 Auf Verbindung 19 58 2001::/32 Auf Verbindung 19 306 2001:0:9d38:90d7:24de:250a:439f:437f/128 Auf Verbindung 12 281 fe80::/64 Auf Verbindung 19 306 fe80::/64 Auf Verbindung 19 306 fe80::24de:250a:439f:437f/128 Auf Verbindung 12 281 fe80::7d69:dae8:1150:274f/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 19 306 ff00::/8 Auf Verbindung 12 281 ff00::/8 Auf Verbindung =========================================================================== Ständige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Catalog5 08 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) 
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (04/19/2015 10:49:33 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Thinkpad_X61) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (04/19/2015 10:49:33 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Thinkpad_X61) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. 
Error: (04/19/2015 10:49:29 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Thinkpad_X61) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (04/19/2015 10:49:29 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\VB\ntuser.dat Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 113788 Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 113788 Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (04/19/2015 10:56:59 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (04/19/2015 10:56:19 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/19/2015 10:56:19 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. 
Error: (04/19/2015 10:44:19 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (04/18/2015 00:41:53 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (04/17/2015 08:42:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. 
Modulpfad: C:\Windows\System32\IWMSSvc.dll Microsoft Office Sessions: ========================= Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT) Description: Eap method DLL path name43900 Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT) Description: Eap method DLL path name25900 Error: (04/19/2015 10:55:38 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT) Description: Eap method DLL path name17900 Error: (04/19/2015 10:49:33 AM) (Source: Microsoft-Windows-User Profiles Service)(User: Thinkpad_X61) Description: Error: (04/19/2015 10:49:33 AM) (Source: Microsoft-Windows-User Profiles Service)(User: Thinkpad_X61) Description: Error: (04/19/2015 10:49:29 AM) (Source: Microsoft-Windows-User Profiles Service)(User: Thinkpad_X61) Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (04/19/2015 10:49:29 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT) Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. C:\Users\VB\ntuser.dat Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 113788 Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 113788 Error: (04/19/2015 10:49:22 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2015-04-19 10:57:30.091 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-19 10:50:52.198 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-19 10:43:16.434 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-19 10:43:08.819 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-18 15:38:12.905 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-18 12:42:00.961 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-18 12:41:15.820 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:36:00.565 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-17 20:35:36.290 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-17 20:21:30.354 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. =========================== Installed Programs ============================ 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Refresh Manager (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - ) Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies) AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) 
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.) Canon MX920 series Benutzerregistrierung (HKLM\...\Canon MX920 series Benutzerregistrierung) (Version: - ?Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon MX920 series On-screen Manual (HKLM\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP) DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery) DesignPro 5 (Version: 5.5.708 - Avery) Hidden DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Dropbox (HKCU\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) 
Elevated Installer (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - ) Firefox Developer Edition 39.0a2 (x86 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x86 de)) (Version: 39.0a2 - Mozilla) FixFoto 3.30 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software) Garmin BaseCamp (HKLM\...\{7C69F731-6471-48FE-899B-1C40F80042C7}) (Version: 4.4.2 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NT 2015.20 (HKLM\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Garmin Express (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin MapInstall (HKLM\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin VIRB Edit (HKLM\...\{0CCE02C9-1020-46D8-AD46-B138CC379958}) (Version: 2.6.2 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel PROSet Wireless (Version: - ) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java Auto Updater (Version: 2.8.31.13 - Oracle Corporation) Hidden Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation) Keyman Package - GreekClassical (HKLM\...\Keyman Package GreekClassical) (Version: - ) klickTel OEM Herbst 2012 (HKLM\...\{3BE928ED-DFAD-4AE2-9EE2-FD635612866B}) (Version: 1.00.0000 - telegate MEDIA AG) Lenovo Patch Utility (HKLM\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0034 - Lenovo) Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft 
.NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0a2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) PrintKey2000 (HKLM\...\PrintKey2000) (Version: - ) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) 
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0027.00 - Lenovo Group Limited) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software) SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices) StarMoney (Version: 4.0.4.16 - StarFinanz) Hidden StarMoney 9.0 (HKLM\...\{6D06E570-8F56-4589-A65E-3112F512BDEB}) (Version: 9.0 - Star Finanz GmbH) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tavultesoft Keyman 6.0 (HKLM\...\Tavultesoft Keyman 6.0) (Version: - ) TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo) Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows-Treiberpaket - Dynastream Innovations, Inc. 
ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3062.3 MB
Available physical RAM: 1897.35 MB
Total Pagefile: 6122.89 MB
Available Pagefile: 4641.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.26 MB

========================= Partitions: =====================================

1 Drive c: (Bobby) (Fixed) (Total:172.78 GB) (Free:40.71 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:292.97 GB) (Free:135.6 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\THINKPAD_X61

Administrator Gast Scanner VB
Der Befehl wurde erfolgreich ausgefhrt.

========================= Minidump Files ==================================

No minidump file found

**** End of log **** |
19.04.2015, 16:20 | #13 |
/// the machine /// TB trainer | What kind of router is it exactly?
__________________ Regards, schrauber |
19.04.2015, 17:27 | #14 |
| From AVM, a FritzBox FonWLAN 7270 v.3. There is also a Fritz WLAN Repeater 300E, through which the computers log in. For a short time I also had a PowerLine adapter from AVM in use, but the result was poor. There was no stable connection to the router. |
20.04.2015, 13:17 | #15 |
/// the machine /// TB trainer | Did you reset the adapter as well?
__________________ Regards, schrauber |