| |
| |||||||
Log-Analyse und Auswertung: Firefox langsam-alternative data streamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.05.2016, 11:45
| #1 |
 |  Firefox langsam-alternative data stream ich glaub ich hab mir ein Trojaner/Rootkit eingefangen :/ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:06-05-2016 03
durchgeführt von wolverine (Administrator) auf X2 (07-05-2016 11:11:21)
Gestartet von C:\Users\wolverine\Desktop
Geladene Profile: wolverine (Verfügbare Profile: wolverine)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-04-15] (Malwarebytes Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [6390280 2016-04-26] (Emsisoft Ltd)
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\Run: [f.lux] => C:\Users\wolverine\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.39 78.42.43.39
Tcpip\..\Interfaces\{DE3A6D0B-97D3-4621-AD2A-3274BE425E4B}: [DhcpNameServer] 82.212.62.39 78.42.43.39
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000 -> DefaultScope {F659E625-502C-45A6-B0CC-A0BCF2920531} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000 -> {F659E625-502C-45A6-B0CC-A0BCF2920531} URL = hxxps://www.google.com/search?q={searchTerms}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-22] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: YouTube ALL HTML5 - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2016-03-14]
FF Extension: uBlock Origin - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\Extensions\uBlock0@raymondhill.net.xpi [2016-05-03]
FF Extension: Adblock Plus - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
Chrome:
=======
CHR Profile: C:\Users\wolverine\AppData\Local\Google\Chrome\User Data\Default
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [7534152 2016-04-26] (Emsisoft Ltd)
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-04-15] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-04-26] (Enigma Software Group USA, LLC.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2016-03-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cbfltfs3; C:\Windows\System32\drivers\cbfltfs3x32.sys [238016 2014-12-30] (EldoS Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [104416 2016-04-07] (Emsisoft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2016-04-26] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-04-26] ()
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [50016 2016-04-15] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-03-10] (REALiX(tm))
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-19] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-19] (Logitech, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [Datei ist nicht signiert]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [565424 2016-03-10] (VIA Technologies, Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
U3 catchme; \??\C:\Windows\TEMP\catchme.sys [X]
S3 eapihdrv; \??\C:\Users\WOLVER~1\AppData\Local\Temp\ehdrv.sys [X]
U3 ImapiService; kein ImagePath
U4 TlntSvr; kein ImagePath
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]
U3 mbr; \??\C:\ComboFix\mbr.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-07 11:11 - 2016-05-07 11:12 - 00009752 _____ C:\Users\wolverine\Desktop\FRST.txt
2016-05-07 11:11 - 2016-05-07 11:11 - 00000000 ____D C:\FRST
2016-05-07 11:10 - 2016-05-07 11:10 - 01730048 _____ (Farbar) C:\Users\wolverine\Desktop\FRST.exe
2016-05-07 11:01 - 2016-05-07 11:01 - 00005468 _____ C:\Users\wolverine\Desktop\Tweaking.com - Windows Repair - Pre-Scan.txt
2016-05-07 10:46 - 2016-05-07 10:46 - 00018880 _____ C:\ComboFix.txt
2016-05-07 10:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-07 10:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-07 10:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-07 10:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-07 10:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-07 10:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-07 10:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-07 10:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-07 10:35 - 2016-05-07 10:46 - 00000000 ____D C:\Qoobox
2016-05-07 10:34 - 2016-05-07 10:34 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\wolverine\Desktop\SpyHunter-Installer.exe
2016-05-07 10:33 - 2016-05-07 10:33 - 05658358 ____R (Swearware) C:\Users\wolverine\Desktop\ComboFix.exe
2016-05-04 21:08 - 2016-05-05 13:22 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-05-04 19:48 - 2016-05-05 10:45 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\vlc
2016-05-04 19:48 - 2016-05-04 19:48 - 00000988 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-05-04 19:48 - 2016-05-04 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-01 16:54 - 2016-05-01 16:54 - 00000000 ____D C:\Users\Public\Foxit Software
2016-05-01 16:54 - 2016-05-01 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-05-01 16:54 - 2016-05-01 16:54 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-05-01 15:59 - 2016-05-01 15:59 - 00001827 _____ C:\Users\wolverine\Desktop\xp-AntiSpy.lnk
2016-05-01 15:59 - 2016-05-01 15:59 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2016-04-30 10:36 - 2016-05-07 11:00 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-04-30 10:36 - 2016-04-30 10:36 - 00001013 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-04-30 10:36 - 2016-04-30 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-04-26 16:58 - 2016-04-26 16:58 - 00001204 _____ C:\Users\wolverine\Desktop\SpyHunter.lnk
2016-04-26 16:58 - 2016-04-26 16:58 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-04-26 16:58 - 2016-04-26 16:58 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\Enigma Software Group
2016-04-26 16:58 - 2016-04-26 16:58 - 00000000 ____D C:\sh4ldr
2016-04-26 16:57 - 2016-04-26 16:57 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-26 16:57 - 2016-04-26 16:57 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-04-26 13:49 - 2016-04-26 13:49 - 46346456 _____ (Microsoft Corporation) C:\Users\wolverine\Desktop\Windows-KB890830-V5.35.exe
2016-04-26 11:26 - 2016-05-01 19:33 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-26 11:25 - 2016-05-01 19:32 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-22 17:21 - 2016-04-22 17:21 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-22 17:21 - 2016-04-22 17:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-21 14:39 - 2016-04-21 14:40 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\XnView
2016-04-20 20:31 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-04-20 20:31 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-04-20 20:31 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-04-18 17:06 - 2016-05-06 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-04-18 17:06 - 2016-05-06 11:24 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit
2016-04-16 11:54 - 2016-04-04 19:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 11:54 - 2016-04-04 19:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 11:54 - 2016-04-02 15:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 11:54 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 11:54 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 11:54 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-16 11:54 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-16 11:54 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 11:54 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-16 11:54 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-16 11:54 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-16 11:54 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-16 11:54 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 11:54 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-16 11:54 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-16 11:54 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-16 11:54 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 11:54 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-16 11:54 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-16 11:54 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-16 11:54 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-16 11:54 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-16 11:54 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-16 11:54 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-16 11:54 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-16 11:54 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 11:54 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 11:54 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 11:54 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-16 11:54 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 11:54 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 11:54 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 11:54 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 11:54 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-16 11:54 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 11:54 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 11:54 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 11:54 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 11:54 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-16 11:54 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-16 11:54 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 11:54 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 11:54 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-16 11:54 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-16 11:54 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-16 11:54 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-16 11:54 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-16 11:54 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-16 11:54 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-16 11:54 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-16 11:54 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 11:54 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-16 11:54 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-16 11:54 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-16 11:54 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-16 11:54 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 11:54 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-16 11:54 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-16 11:54 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 11:54 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-16 11:54 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-16 11:54 - 2016-03-18 00:24 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-16 11:54 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-16 11:54 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-16 11:54 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-16 11:54 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-16 11:54 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-16 11:54 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-16 11:54 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-16 11:54 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 11:54 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 11:54 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 11:54 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-16 11:54 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-16 11:54 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-16 11:54 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-16 11:54 - 2016-03-17 23:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-16 11:54 - 2016-03-17 23:29 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-16 11:54 - 2016-03-17 23:29 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-16 11:54 - 2016-03-17 23:29 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-16 11:54 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-16 11:54 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 11:54 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 11:54 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 11:54 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-16 11:54 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 11:54 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-15 20:12 - 2016-04-15 20:12 - 00000000 ____D C:\a8730c47948a9153b8
2016-04-15 16:32 - 2016-04-27 11:43 - 00002081 _____ C:\Users\wolverine\Desktop\Tweaking.com - Windows Repair.lnk
2016-04-15 16:32 - 2016-04-15 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-04-15 16:32 - 2016-04-15 16:32 - 00000000 ____D C:\Program Files\Tweaking.com
2016-04-15 11:51 - 2016-04-15 11:51 - 00000000 ____D C:\Program Files\Reason
2016-04-14 11:54 - 2016-04-30 10:53 - 00000000 ____D C:\ProgramData\Emsisoft
2016-04-13 18:29 - 2016-04-13 18:29 - 00000000 ____D C:\Users\wolverine\Documents\CMC
2016-04-13 18:28 - 2016-04-14 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMC Antivirus
2016-04-11 10:28 - 2016-04-11 10:28 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\ProductData
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Videos
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Pictures
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Music
2016-04-09 09:31 - 2016-04-09 09:31 - 00000000 _____ C:\Users\wolverine\Desktop\Neues Textdokument.txt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-07 10:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-05-07 10:44 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2016-05-07 08:49 - 2009-07-14 06:34 - 00013728 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-07 08:49 - 2009-07-14 06:34 - 00013728 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-07 08:38 - 2011-11-06 03:32 - 01599580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-07 08:38 - 2009-07-14 10:47 - 00679238 _____ C:\Windows\system32\perfh007.dat
2016-05-07 08:38 - 2009-07-14 10:47 - 00143384 _____ C:\Windows\system32\perfc007.dat
2016-05-07 08:33 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-06 20:46 - 2015-03-31 12:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-06 11:24 - 2016-01-19 16:41 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-05-04 19:48 - 2011-11-06 18:13 - 00000000 ____D C:\Program Files\VideoLAN
2016-05-04 12:11 - 2011-11-07 14:58 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-04 10:01 - 2015-04-12 01:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-04 09:07 - 2013-02-14 20:04 - 00000000 ____D C:\Users\wolverine\Desktop\Neuer Ordner (2)
2016-05-04 09:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2016-05-01 19:51 - 2014-01-30 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-01 16:54 - 2016-01-25 16:01 - 00002055 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-05-01 09:58 - 2014-03-25 22:08 - 00000929 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-27 12:05 - 2009-07-14 10:56 - 00000000 ____D C:\Windows\CSC
2016-04-27 12:05 - 2009-07-14 06:33 - 00330880 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-23 12:16 - 2009-07-14 04:04 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_292
2016-04-21 15:05 - 2011-11-06 04:19 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-16 13:18 - 2014-09-10 11:57 - 00000000 ____D C:\Windows\rescache
2016-04-16 12:39 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-16 12:37 - 2013-07-11 10:11 - 00000000 ____D C:\Windows\system32\MRT
2016-04-15 20:50 - 2009-07-14 04:04 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_828
2016-04-15 19:16 - 2011-11-17 02:41 - 00002052 _____ C:\Windows\epplauncher.mif
2016-04-15 12:44 - 2009-07-14 04:04 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts_bak_334
2016-04-15 12:43 - 2012-01-27 00:38 - 00000000 ____D C:\Windows\ERDNT
2016-04-12 10:11 - 2016-03-10 18:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-01-07 03:25 - 2015-12-23 14:38 - 0000715 _____ () C:\Users\wolverine\AppData\Roaming\burnaware.ini
2011-11-06 04:17 - 2011-11-28 15:58 - 0001877 _____ () C:\Users\wolverine\AppData\Roaming\xpy.ini
2011-12-20 15:41 - 2011-12-20 15:41 - 0106226 _____ () C:\Users\wolverine\AppData\Local\ars.cache
2011-12-20 15:41 - 2011-12-20 15:41 - 0458083 _____ () C:\Users\wolverine\AppData\Local\census.cache
2011-12-20 14:47 - 2011-12-20 14:47 - 0000036 _____ () C:\Users\wolverine\AppData\Local\housecall.guid.cache
2013-01-24 22:19 - 2013-01-24 23:11 - 0001461 _____ () C:\Users\wolverine\AppData\Local\RecConfig.xml
2012-04-04 11:07 - 2016-04-26 14:03 - 0007605 _____ () C:\Users\wolverine\AppData\Local\Resmon.ResmonCfg
2011-11-09 19:44 - 2013-10-06 16:48 - 0008723 _____ () C:\ProgramData\hpzinstall.log
2011-11-06 19:38 - 2011-11-25 00:54 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-28 09:50
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:06-05-2016 03
durchgeführt von wolverine (2016-05-07 11:12:14)
Gestartet von C:\Users\wolverine\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2011-11-06 01:26:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2851574506-1057980830-1205925942-500 - Administrator - Disabled)
Gast (S-1-5-21-2851574506-1057980830-1205925942-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2851574506-1057980830-1205925942-1002 - Limited - Enabled)
wolverine (S-1-5-21-2851574506-1057980830-1205925942-1000 - Administrator - Enabled) => C:\Users\wolverine
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7601F4BD-2DFD-2C85-F623-F06E097D2D61}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Profiles (Version: 2.0.4331.36041 - Ihr Firmenname) Hidden
ATI AVIVO Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
calibre (HKLM\...\{D9A85F14-FFA5-40B1-8402-80D510D48D01}) (Version: 1.8.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX390 series Benutzerregistrierung (HKLM\...\Canon MX390 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.6 - Emsisoft Ltd.)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\Flux) (Version: - )
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
LibreOffice 4.3.2.2 (HKLM\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Malwarebytes Anti-Exploit version 1.8.1.1196 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1196 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.8.7 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {092A2073-3C57-4A69-9C3A-D1F02CDFAF69} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {2D41C051-FFE9-491D-AD09-24511361B635} - System32\Tasks\{AAF70C11-E6F9-4055-A6CC-B55068489C36} => pcalua.exe -a "C:\Program Files\Realtek\NICDRV_8169\RTINSTALLER32.EXE" -d "C:\Program Files\Realtek\NICDRV_8169"
Task: {559015D3-447D-452E-8235-446BF12C5332} - System32\Tasks\{6E9C1D62-EA95-47D6-8920-408B3B3BF1DE} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {78072229-A541-4C1F-8913-1AE6BBE4353F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {C289A403-E167-4456-B1B7-6AD4E10894BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-06] (AVAST Software)
Task: {DF3D0EE6-FC62-49BE-AA94-C184D7C888DC} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-04-26] (Enigma Software Group USA, LLC.)
Task: {F4319CB6-4981-4283-A4DE-414AB73D141A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4789 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2016-05-07 10:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.212.62.39 - 78.42.43.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Systemfehler:
=============
CodeIntegrity:
===================================
Date: 2014-11-26 16:56:15.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 15:41:49.293
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 15:27:35.281
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 14:54:06.737
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 12:55:54.880
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 13:34:01.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 12:18:02.331
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 10:47:26.194
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 10:32:46.058
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-24 21:43:18.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 3583.05 MB
Verfügbarer physikalischer RAM: 2518.83 MB
Summe virtueller Speicher: 7164.43 MB
Verfügbarer virtueller Speicher: 5712.38 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:426.93 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81496245)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
Code:
ATTFilter Users shortcut scan result (x86) Version:06-05-2016 03 durchgeführt von wolverine (2016-05-07 11:12:42) Gestartet von C:\Users\wolverine\Desktop Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk -> C:\Program Files\Paint.NET\PaintDotNet.exe (dotPDN LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC\Virtual Machines.lnk -> C:\Windows\System32\VMWindow.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Open Windows Repair (WR) Tray Icon.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Tweaking.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Registry Backup.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\registry_backup_tool\TweakingRegistryBackup.exe (Tweaking.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Windows Repair.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport\Homepage.lnk -> C:\Program Files\StreamTransport\HomePage.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport\StreamTransport.lnk -> C:\Program Files\StreamTransport\StreamTransport.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport\Uninstall StreamTransport.lnk -> C:\Program Files\StreamTransport\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup\Uninstall.lnk -> C:\Program Files\MozBackup\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit.lnk -> C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Uninstall Malwarebytes Anti-Exploit.lnk -> C:\Program Files\Malwarebytes Anti-Exploit\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Base.lnk -> C:\Program Files\LibreOffice 4\program\sbase.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice 4\program\scalc.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice 4\program\sdraw.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice 4\program\simpress.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Math.lnk -> C:\Program Files\LibreOffice 4\program\smath.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice 4\program\swriter.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice.lnk -> C:\Program Files\LibreOffice 4\program\soffice.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk -> C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk -> C:\Program Files\Foxit Software\Foxit Reader\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Deinstallieren.lnk -> C:\Program Files\Emsisoft Anti-Malware\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware.lnk -> C:\Program Files\Emsisoft Anti-Malware\a2start.exe (Emsisoft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Homepage.lnk -> C:\Program Files\Emsisoft Anti-Malware\Emsisoft.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Hilfe.lnk -> C:\Program Files\Emsisoft Anti-Malware\de-de.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk -> C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk -> C:\Program Files\Canon\My Image Garden\cnmigmain.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Kurzwahlprogramm\Kurzwahlprogramm.lnk -> C:\Program Files\Canon\Speed Dial Utility\sdutil.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk -> C:\Program Files\Canon\IJ Scan Utility\SCANUTILITY.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Benutzerregistrierung\Benutzerregistrierung.LNK -> C:\Program Files\Canon\IJEREG\MX390 series\IJEREG.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk -> C:\Program Files\Calibre2\ebook-viewer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk -> C:\Program Files\Calibre2\lrfviewer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Avidemux 2.6 (32-bit).lnk -> C:\Program Files\Avidemux 2.6\avidemux.exe (Free Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Avidemux job control.lnk -> C:\Program Files\Avidemux 2.6\avidemux_jobs.exe (Free Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Change Log 2.6.lnk -> C:\Program Files\Avidemux 2.6\Change Log.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\ StreamTransport.lnk -> C:\Program Files\StreamTransport\StreamTransport.exe () Shortcut: C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk -> C:\Program Files\Avidemux 2.6\avidemux.exe (Free Software Foundation) Shortcut: C:\Users\Public\Desktop\calibre - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe () Shortcut: C:\Users\Public\Desktop\Canon Quick Menu.lnk -> C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk -> C:\Program Files\Emsisoft Anti-Malware\a2start.exe (Emsisoft Ltd) Shortcut: C:\Users\Public\Desktop\Foxit Reader.lnk -> C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.) Shortcut: C:\Users\Public\Desktop\LibreOffice 4.3.lnk -> C:\Program Files\LibreOffice 4\program\soffice.exe (The Document Foundation) Shortcut: C:\Users\Public\Desktop\MozBackup.lnk -> C:\Program Files\MozBackup\MozBackup.exe () Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Paint.NET.lnk -> C:\Program Files\Paint.NET\PaintDotNet.exe (dotPDN LLC) Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\wolverine\Links\Desktop.lnk -> C:\Users\wolverine\Desktop () Shortcut: C:\Users\wolverine\Links\Downloads.lnk -> C:\Users\wolverine\Downloads () Shortcut: C:\Users\wolverine\Desktop\Format Factory.lnk -> C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\wolverine\Desktop\MozBackup.lnk -> C:\Program Files\MozBackup\MozBackup.exe () Shortcut: C:\Users\wolverine\Desktop\OpenOffice 4.1.1.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\Desktop\Revo Uninstaller.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) Shortcut: C:\Users\wolverine\Desktop\SpyHunter.lnk -> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.) Shortcut: C:\Users\wolverine\Desktop\Tweaking.com - Windows Repair.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com) Shortcut: C:\Users\wolverine\Desktop\xp-AntiSpy.lnk -> C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy\Bedienungsanleitung.lnk -> C:\Program Files\xp-AntiSpy\xp-AntiSpy.chm (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy\Deinstallieren.lnk -> C:\Program Files\xp-AntiSpy\Uninstall.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy\Homepage.lnk -> C:\Program Files\xp-AntiSpy\xp-AntiSpy.url (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy\xp-AntiSpy.lnk -> C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM\EULA.lnk -> C:\Program Files\WMV9_VCM\license.txt () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM\Help.lnk -> C:\Program Files\WMV9_VCM\WMV9VCM.chm () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM\Read_me.lnk -> C:\Program Files\WMV9_VCM\WMV9VCM_readme.htm () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk -> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk -> C:\Program Files\OpenOffice 4\program\sbase.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk -> C:\Program Files\OpenOffice 4\program\scalc.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk -> C:\Program Files\OpenOffice 4\program\sdraw.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk -> C:\Program Files\OpenOffice 4\program\simpress.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk -> C:\Program Files\OpenOffice 4\program\smath.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk -> C:\Program Files\OpenOffice 4\program\swriter.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Deinstallationsprogramm.lnk -> C:\Users\wolverine\Desktop\JDownloader v2.0\Uninstall JDownloader.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> C:\Users\wolverine\Desktop\JDownloader v2.0\JDownloader2Update.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> C:\Users\wolverine\Desktop\JDownloader v2.0\JDownloader2.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk -> C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk -> C:\Program Files\FreeTime\FormatFactory\uninst.exe (Free Time) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Flux.lnk -> C:\Users\wolverine\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Uninstall.lnk -> C:\Users\wolverine\AppData\Local\FluxSoftware\Flux\uninstall.exe () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk -> C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Office\Zuletzt verwendet\Desktop.LNK -> C:\Users\wolverine\Desktop () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Office\Zuletzt verwendet\Eigene Dokumente.LNK -> C:\Users\wolverine\Documents () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Office\Zuletzt verwendet\Neuer Ordner.LNK -> C:\Users\wolverine\Desktop\Neuer Ordner () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Office\Zuletzt verwendet\temp.LNK -> C:\Users\wolverine\AppData\Local\temp () Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk -> C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk -> C:\Users\wolverine\Desktop\JDownloader v2.0\JDownloader2.exe (Keine Datei) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC\Virtual Windows XP.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\VMCPropertyHandler.dll,LaunchDefaultVM ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Uninstall Tweaking.com - Windows Repair.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files\Tweaking.com\Windows Repair (All in One)\Uninstall\uninstall.xml" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) -> /mn ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX390 series Manual\Canon MX390 series On-Screen-Handbuch.lnk -> C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES\Canon\IJ Manual\CANON MX390 SERIES\German\Info.egv" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Hilfe.lnk -> C:\Program Files\AMD\ATI.ACE\Core-Static\CLI.exe (Advanced Micro Devices Inc.) -> Start Help -help ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com" ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall.lnk -> C:\Users\wolverine\AppData\Roaming\Enigma Software Group\sh_installer.exe (Enigma Software Group USA, LLC.) -> -r sh ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk -> C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe (Free Time) -> /help ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\wolverine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup\Homepage.url -> hxxp://mozbackup.jasnapaka.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup\Support.url -> hxxp://mozbackup.jasnapaka.com/support.php InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\Get Involved.url -> hxxp://calibre-ebook.com/get-involved InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\User Manual.url -> hxxp://manual.calibre-ebook.com/ InternetURL: C:\Users\wolverine\Favorites\HijackThis.de Support Board.url -> hxxp://www.hijackthis-forum.de/forum.php InternetURL: C:\Users\wolverine\Favorites\Scorpions - Send Me An Angel - YouTube.url -> hxxp://www.youtube.com/watch?v=T4b_RZ9ROXQ&feature=related InternetURL: C:\Users\wolverine\Favorites\system Dokumente und Einstellungen - Zugriff verweigert.url -> hxxp://www.drwindows.de/windows-vista-allgemein/2430-dokumente-und-einstellungen-zugriff-verweigert.html InternetURL: C:\Users\wolverine\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742 InternetURL: C:\Users\wolverine\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\wolverine\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\wolverine\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635 InternetURL: C:\Users\wolverine\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630 InternetURL: C:\Users\wolverine\Favorites\Links\Vorgeschlagene Sites (2).url -> hxxps://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\wolverine\Favorites\Links\Vorgeschlagene Sites.url -> 0 InternetURL: C:\Users\wolverine\Favorites\Links\Windows 7 Browser lahmt - Seite 3.url -> hxxp://www.hijackthis-forum.de/hijackthis-logfiles/59651-browser-lahmt-3.html ==================== Ende vom Shortcut.txt ============================= |
| Themen zu Firefox langsam-alternative data stream |
| askbar, avast, combofix, computer, cpu, defender, dnsapi.dll, einstellungen, esgscanner.sys, explorer, firefox, flash player, helper, hijack, homepage, iexplore.exe, install.exe, mozilla, performance, prozesse, registry, rundll, scan, secur, services.exe, svchost.exe, system, temp, ublock, ublock origin, windows |
Baum-Darstellung