Windows 7 does not boot after virus infection

Hello! After clicking on a video on Facebook, there was a very loud siren-like sound and the screen went black. The keyboard no longer responded, and the loud sound could only be stopped by removing the battery. Since then the system no longer boots. I have a paid Avast antivirus program installed. I am attaching the logfile and ask for it to be processed and answered. Best regards, Alfred

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Hi, what exactly happens during a normal boot? Does one of the Safe Modes work? Last Known Good Config? System Restore?
Hello! It is a complete mystery to me, but my laptop started normally this morning. I immediately ran a thorough check with my antivirus program. 2 threats were found:
C:\hitradiorecorder5_setup(1).exe
C:\dslradiorecorder2.0_up.exe
Severity: high
Status: Threat: Win32: Adware-gen ---- moved to the Virus Chest.
Is my problem now solved, or should I do something else? Many thanks, Alfred
Then now in normal mode: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
LOGFILE

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2014

ADDITIONAL TXT FILE

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2014
Ran by Alfred at 2014-09-24 21:44:59
Running from H:\
Boot Mode: Normal
C:\Program Files\Opera\24.0.1558.61\libegl.dll 2014-09-18 21:15 - 2014-09-18 21:14 - 00974968 _____ () C:\Program Files\Opera\24.0.1558.61\ffmpegsumo.dll 2014-09-10 21:45 - 2014-09-10 21:45 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:8CE646EE ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 10:16:21 AM) (Source: Google Update) (EventID: 20) (User: Alfred-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7

System errors:
=============
Error: (09/23/2014 09:19:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: tcpipBM

Error: (09/23/2014 03:21:03 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{91734A2F-C336-4BE9-8362-AA7479B0E354}" zu oft fehl. Der Sicherungssuchdienst wird beendet.

Error: (09/23/2014 03:04:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: tcpipBM

Error: (09/23/2014 03:03:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 18.09.2014 um 21:42:35 unerwartet heruntergefahren.

Error: (09/11/2014 08:26:31 PM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/11/2014 08:04:55 AM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/11/2014 03:31:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: tcpipBM

Error: (09/11/2014 03:07:29 AM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/09/2014 09:23:10 PM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/08/2014 06:52:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 10:16:21 AM) (Source: Google Update) (EventID: 20) (User: Alfred-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3253.42 MB
Available physical RAM: 1614.21 MB
Total Pagefile: 6505.13 MB
Available Pagefile: 4336.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.06 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:565.07 GB) (Free:68.31 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:9.58 GB) NTFS
Drive h: (TRANSCEND) (Removable) (Total:3.76 GB) (Free:2.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=565.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== End Of Log ============================

Thank you very much and best regards, Alfred |
Hi, scan with Combofix
|
Copyright ©2000-2025, Trojaner-Board