Addition.txt (FRST): Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Linus at 2014-09-16 00:55:47
Running from C:\Users\Linus\Downloads\ANtivirus
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.31 - Abelssoft)
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Fable III (HKLM-x32\...\Steam App 105400) (Version: - Lionhead Studios)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.4.530 - DVDVideoSoft Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
HJC PS3 ISP V22 (HKLM-x32\...\HJC PS3 ISP V22) (Version: - Alan)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.27 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.27 - Dominik Reichl)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
MAGIX Music Maker 15 Premium Download-Version 15.0.1.5 (D) (HKLM-x32\...\MAGIX Music Maker 15 Premium Download-Version D) (Version: 15.0.1.5 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA Install Application (Version: 2.1002.151.1091 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SPEEDLINK TORID (HKLM-x32\...\SPEEDLINK TORID) (Version: - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.0.0.15405 - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version: - Ubisoft Montreal)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
USB Game Controller (HKLM-x32\...\USB Game Controller) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vtune 7.13 (HKLM-x32\...\MySSID_is1) (Version: - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinSCP 5.5.5 (HKLM-x32\...\winscp3_is1) (Version: 5.5.5 - Martin Prikryl)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113089819-2585871665-813888595-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Linus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
31-08-2014 17:31:28 Geplanter Prüfpunkt
04-09-2014 15:50:26 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter
13-09-2014 17:38:34 Windows Update
14-09-2014 17:57:08 Microsoft Visual C++ 2005 Redistributable wird installiert
14-09-2014 17:58:34 Microsoft Visual C++ 2005 Redistributable wird installiert
14-09-2014 18:00:54 DirectX wurde installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C9A639F-5806-4535-8F79-7F50E5765F23} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {1D8376DE-0209-4BC8-A3DD-29E98F35C7FF} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {2352BEAB-0A3A-43AD-9E56-5569EEEFCB99} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {2562F284-9094-46D0-8A50-5140BCACA19C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: {2FEE1C91-9FEA-4428-AFA1-431EE7BF0FFD} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {35EAD9F4-5210-40F4-9841-62AA4F9E2707} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {39CE1272-D4D2-4CF8-BAC6-AB6A4AD0C505} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-02] (CHIP)
Task: {3C89571D-2336-47C3-92D4-91BBC1167556} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Linus-PC-Linus Linus-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-25] (Microsoft Corporation)
Task: {3F2F4E0C-532B-4728-AF48-E13BC2179FA6} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {45FC701F-941B-45EF-BC58-20AFB3B78593} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: {55700FAA-CE50-41E0-97A4-575CDBA76FDD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F2B5711-2FCA-4A09-9108-B1B2AA573EE7} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-08-01] (IObit)
Task: {89F24E9D-F7E2-40A4-832D-D12DBBFC51DA} - System32\Tasks\Driver Booster SkipUAC (Linus) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {E33B1B7A-EAC8-41A2-96B4-3AD4CA1419B1} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {F999158C-A763-40A9-B7D2-0A3550F28325} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-28 14:25 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-08-25 15:29 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-05 16:09 - 2010-09-02 10:59 - 02158592 _____ () C:\Program Files (x86)\Vtune\TBPANEL.exe
2014-05-25 16:18 - 2014-05-25 16:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-05-25 16:18 - 2014-05-25 16:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-13 14:22 - 2014-09-04 04:09 - 10329928 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-13 14:22 - 2014-09-04 04:09 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-13 14:22 - 2014-09-04 04:09 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-08-23 19:23 - 2014-08-23 19:23 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-23 19:23 - 2014-08-23 19:23 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-05 18:54 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-09-13 14:22 - 2014-09-04 04:09 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-13 14:22 - 2014-09-04 04:09 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-16 00:26 - 2014-09-16 00:26 - 00050477 _____ () C:\Users\Linus\Downloads\ANtivirus\Defogger.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-05 16:09 - 1998-10-31 04:55 - 00005120 _____ () C:\Program Files (x86)\Vtune\TBManage.dll
2009-07-31 21:39 - 2009-07-31 21:39 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-09-15 16:22 - 2014-09-15 16:22 - 00043008 _____ () c:\users\linus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjhspc4.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Linus\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-14 18:27 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Linus\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-05 18:53 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Linus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_546B100DB4BA6F8638678E5732DDC41D => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SkyDrive => "C:\Users\Linus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Spotify => "C:\Users\Linus\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Linus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== Faulty Device Manager Devices =============
Name: HJC 6573F USB ISP Port 32&64 bit
Description: HJC 6573F USB ISP Port 32&64 bit
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Weltrend using WinUsb !!!
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/16/2014 00:55:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Avira.OE.Systray.exe, Version 1.1.19.30000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b48
Startzeit: 01cfd0f03d59f09e
Endzeit: 71
Anwendungspfad: C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
Berichts-ID: 714dfcb8-3d2b-11e4-bedc-adc222afc30a
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7005
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7005
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (09/15/2014 04:22:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/15/2014 04:22:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.
Error: (09/15/2014 04:21:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Motorola Device Manager Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/15/2014 04:21:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Motorola Device Manager Service erreicht.
Error: (09/14/2014 06:27:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/13/2014 03:27:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/13/2014 01:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Motorola Device Manager Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/13/2014 01:51:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Motorola Device Manager Service erreicht.
Error: (09/11/2014 10:18:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/11/2014 10:18:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.
Microsoft Office Sessions:
=========================
Error: (09/16/2014 00:55:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Avira.OE.Systray.exe1.1.19.30000b4801cfd0f03d59f09e71C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe714dfcb8-3d2b-11e4-bedc-adc222afc30a
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003
Error: (09/15/2014 07:48:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7005
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7005
Error: (09/15/2014 07:48:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006
Error: (09/15/2014 07:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 37%
Total physical RAM: 6142.16 MB
Available physical RAM: 3832.91 MB
Total Pagefile: 12282.49 MB
Available Pagefile: 8938.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:654.72 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3DFE6D8E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
gmer.txt: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-16 01:24:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Linus\AppData\Local\Temp\kgloapog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031eb000 27 bytes [00, B0, 8B, 48, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 556 fffff800031eb01c 17 bytes [00, 00, 00, 00, 50, 18, 99, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2304] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077391530 16 bytes [50, 48, B8, D0, 34, 21, F6, ...]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[4908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075231465 2 bytes [23, 75]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[4908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752314bb 2 bytes [23, 75]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077391380 16 bytes [50, 48, B8, 28, D6, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken 00000000773914f0 16 bytes [50, 48, B8, 80, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 0000000077391510 48 bytes [50, 48, B8, FC, D4, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection 0000000077391550 16 bytes [50, 48, B8, 4C, D6, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx 00000000773915a0 32 bytes [50, 48, B8, A4, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 00000000773915e0 16 bytes [50, 48, B8, 8C, D4, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile 0000000077391680 16 bytes [50, 48, B8, D4, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077391800 16 bytes [50, 48, B8, 50, D3, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken 0000000077392270 16 bytes [50, 48, B8, 20, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 00000000773922c0 16 bytes [50, 48, B8, 5C, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4180] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile 0000000077392410 16 bytes [50, 48, B8, E8, D5, 16, 3F, ...]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6736] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075231465 2 bytes [23, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6736] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752314bb 2 bytes [23, 75]
.text ... * 2
---- Processes - GMER 2.1 ----
Library C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll (*** suspicious ***) @ C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2344](2009-07-31 19:39:08) 0000000060900000
Library C:\Users\Linus\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Linus\AppData\Roaming\Dropbox\bin\Dropbox.exe [2384](2014-07-30 00:20:20) 0000000003bb0000
Library c:\users\linus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjhspc4.dll (*** suspicious ***) @ C:\Users\Linus\AppData\Roaming\Dropbox\bin\Dropbox.exe [2384](2014-09-15 14:22:04) 0000000004330000
Library C:\Users\Linus\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Linus\AppData\Roaming\Dropbox\bin\Dropbox.exe [2384](2013-08-23 19:01:44) 000000005e8e0000
Library C:\Users\Linus\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Linus\AppData\Roaming\Dropbox\bin\Dropbox.exe [2384] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42) 000000005df50000
---- EOF - GMER 2.1 ----
|
So funktioniert es:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
