Guten Abend,
hier das Fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2015 03
Ran by Sonja at 2015-03-08 22:15:57 Run:1
Running from C:\Users\Sonja\Desktop
Loaded Profiles: UpdatusUser & Sonja (Available profiles: UpdatusUser & Sonja)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\{dc73b5bd-2ead-65a6-dc73-3b5bd2ead6f4}
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\SearchUpdater[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\SmartWebInstaller[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\VOsrv[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\BlockAndSurf_2222-5510[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\check[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\Setup[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\setup[1].exe_a
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\Update_Notifier[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKP3CR5Z\dl[1].htm
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKP3CR5Z\JOSrv[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\AnyProtectSetup[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\Setup[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\setup_gmsd_de[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\SFSetup[1].exe
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\VOPackage[1].exe
C:\Users\Sonja\AppData\Roaming\IVFLS
C:\Users\Sonja\AppData\Roaming\SX
C:\Users\Sonja\AppData\Roaming\38FAE90D-1424287507-E111-9C39-DC0EA126DAF4\Uninstall.exe
C:\Users\Sonja\AppData\Roaming\38FAE90D-1424287507-E111-9C39-DC0EA126DAF4\vnsqC177.tmp
C:\Users\Sonja\Downloads\adobe_flash_setup.exe
C:\Users\Sonja\Downloads\aren117-20070111-Downloader.exe
C:\Users\Sonja\Downloads\computerbild_downloader_fuer_winzip.exe
C:\Users\Sonja\Downloads\PDFCreator-1_6_1_setup.exe
C:\Users\Sonja\Downloads\PDFCreator-1_6_2_setup.exe
C:\Users\Sonja\Downloads\PDFCreator-1_7_3_setup.exe
C:\Users\Sonja\Downloads\PDFCreator-1_9_1-setup-beta.exe
C:\Users\Sonja\Downloads\wz170-32gev.msi
C:\Users\Sonja\Downloads\zafwSetupWeb_102_057_000.exe
C:\Users\Sonja\Downloads\zafwSetupWeb_102_081_000.exe
C:\Users\Sonja\Downloads\zafwSetupWeb_110_000_038.exe
C:\zoek_backup\C_PROGRA~2_File Type Assistant\tsassist.exe
S2 e47f97f2; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\SystemPower\SystemPower.dll",serv
c:\Program Files (x86)\SystemPower
Emptytemp:
*****************
C:\ProgramData\{dc73b5bd-2ead-65a6-dc73-3b5bd2ead6f4} => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\SearchUpdater[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\SmartWebInstaller[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30DI4YPV\VOsrv[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\BlockAndSurf_2222-5510[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\check[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\Setup[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\setup[1].exe_a => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PUV1RBE\Update_Notifier[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKP3CR5Z\dl[1].htm => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKP3CR5Z\JOSrv[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\AnyProtectSetup[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\Setup[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\setup_gmsd_de[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\SFSetup[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELS9B15D\VOPackage[1].exe => Moved successfully.
C:\Users\Sonja\AppData\Roaming\IVFLS => Moved successfully.
C:\Users\Sonja\AppData\Roaming\SX => Moved successfully.
C:\Users\Sonja\AppData\Roaming\38FAE90D-1424287507-E111-9C39-DC0EA126DAF4\Uninstall.exe => Moved successfully.
C:\Users\Sonja\AppData\Roaming\38FAE90D-1424287507-E111-9C39-DC0EA126DAF4\vnsqC177.tmp => Moved successfully.
C:\Users\Sonja\Downloads\adobe_flash_setup.exe => Moved successfully.
C:\Users\Sonja\Downloads\aren117-20070111-Downloader.exe => Moved successfully.
C:\Users\Sonja\Downloads\computerbild_downloader_fuer_winzip.exe => Moved successfully.
C:\Users\Sonja\Downloads\PDFCreator-1_6_1_setup.exe => Moved successfully.
C:\Users\Sonja\Downloads\PDFCreator-1_6_2_setup.exe => Moved successfully.
C:\Users\Sonja\Downloads\PDFCreator-1_7_3_setup.exe => Moved successfully.
C:\Users\Sonja\Downloads\PDFCreator-1_9_1-setup-beta.exe => Moved successfully.
C:\Users\Sonja\Downloads\wz170-32gev.msi => Moved successfully.
C:\Users\Sonja\Downloads\zafwSetupWeb_102_057_000.exe => Moved successfully.
C:\Users\Sonja\Downloads\zafwSetupWeb_102_081_000.exe => Moved successfully.
C:\Users\Sonja\Downloads\zafwSetupWeb_110_000_038.exe => Moved successfully.
C:\zoek_backup\C_PROGRA~2_File Type Assistant\tsassist.exe => Moved successfully.
e47f97f2 => Service deleted successfully.
"c:\Program Files (x86)\SystemPower" => File/Directory not found.
EmptyTemp: => Removed 560.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 22:17:17 ====
Hier das frische FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by Sonja (administrator) on PC on 08-03-2015 22:24:45
Running from C:\Users\Sonja\Desktop
Loaded Profiles: UpdatusUser & Sonja (Available profiles: UpdatusUser & Sonja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\Program Files (x86)\Lidl_Fotos\dd.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Users\Sonja\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\WLMerger.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-608024502-4260226369-3383888787-1000\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\...\Run: [Device Detection] => C:\Program Files (x86)\Lidl_Fotos\dd.exe [860528 2014-11-26] ()
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\...\Run: [Amazon Music] => C:\Users\Sonja\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-13] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Die Prinzen Millionar.mp3.lnk
ShortcutTarget: Die Prinzen Millionar.mp3.lnk -> C:\ProgramData\{b11f671d-3060-98e6-b11f-f671d3069c74}\Die Prinzen Millionar.mp3.exe (No File)
Startup: C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\die prinzen kssen verboten.lnk
ShortcutTarget: die prinzen kssen verboten.lnk -> C:\ProgramData\{d075ee4c-e609-54bb-d075-5ee4ce60b933}\die prinzen kssen verboten.exe (No File)
Startup: C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=www.google.com&OSP=
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-608024502-4260226369-3383888787-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\rajhh0q2.default-1409765728724
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-02-18] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-608024502-4260226369-3383888787-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\rajhh0q2.default-1409765728724\searchplugins\google-images.xml [2014-09-27]
FF SearchPlugin: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\rajhh0q2.default-1409765728724\searchplugins\google-maps.xml [2014-09-27]
FF Extension: Adblock Plus - C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\rajhh0q2.default-1409765728724\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-07]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Secure Downloader) - C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbcfghpoodhahbegndmbojmgkibhiol [2015-02-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Sonja\AppData\Local\Temp\7zS1AA1\hpslpsvc64.dll [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2012-10-09] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 19:59 - 2015-03-08 22:15 - 00000000 ____D () C:\Users\Sonja\Desktop\FRST-OlderVersion
2015-03-07 19:57 - 2015-03-07 19:57 - 00852604 _____ () C:\Users\Sonja\Downloads\SecurityCheck.exe
2015-03-07 19:55 - 2015-03-07 19:55 - 00852604 _____ () C:\Users\Sonja\Desktop\SecurityCheck.exe
2015-03-07 15:09 - 2015-03-07 15:09 - 02347384 _____ (ESET) C:\Users\Sonja\Desktop\esetsmartinstaller_deu.exe
2015-03-07 11:24 - 2015-03-07 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 22:42 - 2015-03-06 22:42 - 00001679 _____ () C:\Users\Sonja\Desktop\JRT.txt
2015-03-06 22:38 - 2015-03-06 22:38 - 01388333 _____ (Thisisu) C:\Users\Sonja\Desktop\JRT.exe
2015-03-06 22:20 - 2015-03-06 22:21 - 02126848 _____ () C:\Users\Sonja\Desktop\AdwCleaner_4.111.exe
2015-03-06 22:17 - 2015-03-06 22:17 - 00003163 _____ () C:\Users\Sonja\Desktop\mbam.txt
2015-03-05 14:36 - 2015-03-05 14:36 - 00026706 _____ () C:\ComboFix.txt
2015-03-05 14:36 - 2015-03-05 14:36 - 00000000 ____D () C:\Users\TEMP
2015-03-05 14:16 - 2015-03-05 14:36 - 00000000 ____D () C:\Qoobox
2015-03-05 14:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-05 14:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-05 14:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-05 14:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-05 14:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-05 14:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-05 14:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-05 14:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-05 14:15 - 2015-03-05 14:34 - 00000000 ____D () C:\Windows\erdnt
2015-03-05 14:13 - 2015-03-05 14:13 - 05612482 ____R (Swearware) C:\Users\Sonja\Desktop\ComboFix.exe
2015-03-04 12:03 - 2015-03-04 12:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-03 22:21 - 2015-03-03 22:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sonja\Desktop\tdsskiller.exe
2015-03-02 19:59 - 2015-03-02 19:59 - 01182149 _____ () C:\Users\Sonja\Downloads\7z936.exe
2015-03-02 19:07 - 2015-03-03 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-02 19:03 - 2015-03-03 23:07 - 00000000 ____D () C:\Users\Sonja\Desktop\mbar
2015-03-02 18:08 - 2015-03-02 18:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sonja\Desktop\mbar-1.09.1.1004.exe
2015-03-02 08:49 - 2015-03-02 08:49 - 00014138 _____ () C:\Users\Sonja\Desktop\GMER.log
2015-03-02 08:01 - 2015-03-02 08:05 - 00036665 _____ () C:\Users\Sonja\Desktop\Addition.txt
2015-03-02 07:59 - 2015-03-08 22:25 - 00019488 _____ () C:\Users\Sonja\Desktop\FRST.txt
2015-03-02 07:58 - 2015-03-08 22:24 - 00000000 ____D () C:\FRST
2015-03-02 07:54 - 2015-03-02 07:55 - 00000472 _____ () C:\Users\Sonja\Desktop\defogger_disable.log
2015-03-02 07:54 - 2015-03-02 07:54 - 00000000 _____ () C:\Users\Sonja\defogger_reenable
2015-03-02 07:49 - 2015-03-02 07:49 - 00380416 _____ () C:\Users\Sonja\Desktop\Gmer-19357.exe
2015-03-02 07:46 - 2015-03-08 22:15 - 02095104 _____ (Farbar) C:\Users\Sonja\Desktop\FRST64.exe
2015-03-02 07:39 - 2015-03-02 07:39 - 00050477 _____ () C:\Users\Sonja\Desktop\Defogger.exe
2015-02-25 21:06 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 21:06 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-18 20:38 - 2015-02-18 20:38 - 00000042 _____ () C:\Users\Sonja\AppData\Roaming\WB.CFG
2015-02-18 20:23 - 2015-02-18 20:23 - 00000000 ____D () C:\Program Files (x86)\Secure Downloader
2015-02-18 20:06 - 2015-02-18 20:06 - 00003140 _____ () C:\Windows\System32\Tasks\{8F3DEAAE-1ECC-4362-B02C-A4F771F9C2C7}
2015-02-18 19:41 - 2015-02-18 19:41 - 00000000 __SHD () C:\Users\Sonja\AppData\Local\EmieUserList
2015-02-18 19:41 - 2015-02-18 19:41 - 00000000 __SHD () C:\Users\Sonja\AppData\Local\EmieSiteList
2015-02-18 19:41 - 2015-02-18 19:41 - 00000000 __SHD () C:\Users\Sonja\AppData\Local\EmieBrowserModeList
2015-02-18 19:41 - 2015-02-18 19:41 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-02-18 19:31 - 2015-02-18 19:31 - 00000000 ____D () C:\shoplog
2015-02-18 19:25 - 2015-03-08 22:16 - 00000000 ____D () C:\Users\Sonja\AppData\Roaming\38FAE90D-1424287507-E111-9C39-DC0EA126DAF4
2015-02-18 19:10 - 2015-03-06 22:08 - 00000000 ____D () C:\ProgramData\{d075ee4c-e609-54bb-d075-5ee4ce60b933}
2015-02-18 19:01 - 2015-02-18 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC
2015-02-18 19:01 - 2015-02-18 19:01 - 00000000 ____D () C:\Program Files (x86)\clean2PC
2015-02-18 18:56 - 2015-03-06 22:07 - 00000000 ____D () C:\Program Files (x86)\Chrome Notepad
2015-02-18 18:55 - 2015-03-06 22:08 - 00000000 ____D () C:\ProgramData\{b11f671d-3060-98e6-b11f-f671d3069c74}
2015-02-18 18:54 - 2015-03-06 22:07 - 00000000 ____D () C:\ProgramData\{2048d42c-81cc-fdba-2048-8d42c81c50b2}
2015-02-18 18:22 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-18 18:22 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-18 18:22 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-18 18:22 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-12 19:32 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 19:32 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 19:32 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 19:32 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 19:43 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 19:43 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 19:43 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 19:42 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 19:42 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 19:42 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 19:42 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 19:42 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 19:42 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 19:42 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 19:42 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 19:42 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 19:42 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 19:42 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 19:42 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 19:42 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 19:42 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 19:42 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 19:42 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 19:42 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 19:42 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 19:42 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 19:42 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 19:42 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 19:42 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 19:42 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 19:42 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 19:42 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 19:42 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 19:42 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 19:42 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 19:42 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 19:42 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 19:42 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 19:42 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 19:42 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 19:42 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 19:42 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 19:42 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 19:42 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 19:42 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 19:42 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 19:42 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 19:42 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 19:42 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 19:42 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 19:42 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 19:42 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 19:42 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 19:42 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 19:42 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 19:42 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 19:42 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 19:42 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 19:42 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 19:41 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 19:41 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 19:41 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 19:41 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 19:41 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 19:41 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 19:41 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 19:41 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 19:41 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 19:41 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 19:41 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 19:41 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 19:41 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 19:41 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 19:41 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 19:41 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 19:41 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 19:41 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 19:41 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 19:41 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 19:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 19:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 19:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 19:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 19:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 19:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 19:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 19:40 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 19:40 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 19:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 19:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 19:40 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 19:40 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 22:25 - 2012-01-12 03:20 - 01189094 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 22:23 - 2013-03-10 08:25 - 00000000 ___RD () C:\Users\Sonja\Dropbox
2015-03-08 22:23 - 2013-03-10 08:24 - 00000000 ____D () C:\Users\Sonja\AppData\Roaming\Dropbox
2015-03-08 22:21 - 2014-09-10 20:43 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 22:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 22:20 - 2009-07-14 05:51 - 00139969 _____ () C:\Windows\setupact.log
2015-03-08 22:19 - 2012-06-20 20:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 22:19 - 2010-11-21 04:47 - 00459898 _____ () C:\Windows\PFRO.log
2015-03-08 22:12 - 2013-11-30 08:49 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-03-08 22:11 - 2014-11-27 18:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 22:11 - 2014-09-10 20:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 20:30 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 20:30 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 13:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-06 22:28 - 2013-11-08 21:14 - 00000000 ____D () C:\AdwCleaner
2015-03-06 22:14 - 2014-09-03 22:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-06 22:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-03-05 14:36 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-05 14:29 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-03 22:17 - 2014-09-03 22:16 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 08:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-02 07:54 - 2012-06-20 20:21 - 00000000 ____D () C:\Users\Sonja
2015-03-01 09:41 - 2013-02-01 09:32 - 00000000 ____D () C:\NotenBox 7
2015-02-26 18:40 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-20 18:36 - 2012-01-12 12:12 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2015-02-20 18:36 - 2012-01-12 12:12 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2015-02-20 18:36 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 21:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2015-02-18 22:10 - 2011-10-14 04:42 - 00000000 ____D () C:\Windows\ca
2015-02-18 20:11 - 2012-06-20 20:39 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-18 20:11 - 2012-06-20 20:39 - 00001039 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-18 20:11 - 2012-06-20 20:24 - 00001425 _____ () C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-18 19:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-18 19:38 - 2012-10-15 08:21 - 00000000 ____D () C:\Users\Sonja\AppData\Local\Adobe
2015-02-18 19:11 - 2012-07-10 19:37 - 00000000 ____D () C:\Users\Sonja\AppData\Roaming\vlc
2015-02-15 20:32 - 2012-10-09 10:50 - 00000000 ____D () C:\Users\Sonja\AppData\Roaming\Skype
2015-02-13 19:33 - 2013-03-10 08:25 - 00001015 _____ () C:\Users\Sonja\Desktop\Dropbox.lnk
2015-02-13 19:33 - 2013-03-10 08:24 - 00000000 ____D () C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-11 21:25 - 2009-07-14 05:45 - 00312256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 20:19 - 2013-11-23 21:17 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 20:18 - 2013-11-23 21:17 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 20:18 - 2013-11-23 21:17 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 20:18 - 2013-11-23 21:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 20:18 - 2013-08-14 08:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 20:12 - 2012-07-03 18:37 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-06 18:30 - 2014-09-10 20:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 18:30 - 2014-09-10 20:43 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2015-02-18 20:38 - 2015-02-18 20:38 - 0000042 _____ () C:\Users\Sonja\AppData\Roaming\WB.CFG
2013-04-02 09:54 - 2013-04-02 09:54 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-01-12 03:47 - 2012-01-12 03:49 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-08-03 21:19 - 2012-08-03 21:20 - 0000317 _____ () C:\ProgramData\hpzinstall.log
2014-06-09 18:47 - 2014-06-09 18:50 - 0000032 _____ () C:\ProgramData\PS.log
Some content of TEMP:
====================
C:\Users\Sonja\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptfifxd.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-07 22:37
==================== End Of Log ============================
--- --- ---
Und die Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by Sonja at 2015-03-08 22:27:01
Running from C:\Users\Sonja\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-608024502-4260226369-3383888787-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2002402558.48.56.35851634 - Audible, Inc.)
AWIN NotenBox 7 (HKLM-x32\...\NotenBox7_is1) (Version: 7 - AWIN Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-608024502-4260226369-3383888787-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TrueType-Font Klee 1.0 (HKLM-x32\...\{17350614-D988-4250-A77A-445361799829}_is1) (Version: 1.0 - Schroedel)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-608024502-4260226369-3383888787-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
11-02-2015 20:09:23 Windows Update
13-02-2015 08:31:29 Windows Update
16-02-2015 19:31:24 Windows Update
18-02-2015 19:42:15 Windows Update
22-02-2015 08:20:52 Windows Update
25-02-2015 20:30:45 Windows Update
25-02-2015 21:05:24 Windows Update
01-03-2015 09:56:15 Windows Update
04-03-2015 19:42:13 Windows Update
07-03-2015 19:56:40 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-03-05 14:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {195A5721-6A23-4CE0-8113-9878DD75A4A0} - System32\Tasks\{407D971C-04EC-456A-BCC4-881D1C970198} => pcalua.exe -a C:\Users\Sonja\Downloads\epson325180eu.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {58CEF53C-7FCA-41D0-8E2C-021BE8885ECE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {6451398E-B85E-4FDC-BB8D-1EB1C4EEA9E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-10] (Google Inc.)
Task: {980ADF53-B406-4D41-8CB5-2603E7881D2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A34191F8-4E11-4817-98A5-91CBC33333A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-10] (Google Inc.)
Task: {C2BA7755-19CB-4322-B7CA-266626AB8E6D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CDCFD08D-4211-4E9D-AEF4-CAEB4101F5BA} - System32\Tasks\{636BF6D6-54F3-4F1D-BA55-DA06D9D27D78} => pcalua.exe -a "C:\Users\Sonja\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {D391597B-F761-43B1-93DF-15F76CD3BDAA} - System32\Tasks\{8F3DEAAE-1ECC-4362-B02C-A4F771F9C2C7} => pcalua.exe -a C:\Users\Sonja\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=fun
Task: {DC71D38E-FD1D-4064-913E-BED58D441B56} - System32\Tasks\{1FB4DF18-0C49-4EEB-A899-7B7C7E8EE1C7} => pcalua.exe -a C:\Users\Sonja\Downloads\epson325180eu(1).exe -d C:\Users\Sonja\Downloads
Task: {EAB27FFA-A3EE-4BAF-B6D5-616B2D83C1A9} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-12-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) ==============
2012-01-12 03:27 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-03 13:42 - 2014-11-26 15:14 - 00860528 _____ () C:\Program Files (x86)\Lidl_Fotos\dd.exe
2014-09-27 19:43 - 2014-09-06 01:54 - 06281536 _____ () C:\Users\Sonja\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-16 20:20 - 2014-10-16 20:20 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-608024502-4260226369-3383888787-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-608024502-4260226369-3383888787-500 - Administrator - Disabled)
Gast (S-1-5-21-608024502-4260226369-3383888787-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-608024502-4260226369-3383888787-1003 - Limited - Enabled)
Sonja (S-1-5-21-608024502-4260226369-3383888787-1001 - Administrator - Enabled) => C:\Users\Sonja
UpdatusUser (S-1-5-21-608024502-4260226369-3383888787-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2015 10:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 10:08:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Dropbox.exe, Version: 3.2.6.0, Zeitstempel: 0x54da7104
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1e124b40
ID des fehlerhaften Prozesses: 0xb6c
Startzeit der fehlerhaften Anwendung: 0xDropbox.exe0
Pfad der fehlerhaften Anwendung: Dropbox.exe1
Pfad des fehlerhaften Moduls: Dropbox.exe2
Berichtskennung: Dropbox.exe3
Error: (03/07/2015 07:54:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/07/2015 03:10:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/07/2015 03:09:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/07/2015 03:09:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (03/08/2015 10:24:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (03/08/2015 10:22:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06
Error: (03/08/2015 10:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/08/2015 10:10:57 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/07/2015 06:57:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (03/08/2015 10:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 10:08:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dropbox.exe3.2.6.054da7104unknown0.0.0.000000000c00000051e124b40b6c01d05854ead02481C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exeunknown0d37a531-c50e-11e4-8520-dc0ea126daf4
Error: (03/07/2015 07:54:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/07/2015 03:10:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sonja\Desktop\esetsmartinstaller_deu.exe
Error: (03/07/2015 03:09:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sonja\Desktop\esetsmartinstaller_deu.exe
Error: (03/07/2015 03:09:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sonja\Downloads\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2015-03-08 22:19:44.692
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-08 22:19:44.598
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 22:30:02.286
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 22:30:02.192
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 22:09:50.392
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 22:09:50.314
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 18:51:59.113
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 18:51:59.035
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 10:37:06.940
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-06 10:37:06.846
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 3947.86 MB
Available physical RAM: 1702.49 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 5810.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:47.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 554FC5C8)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Im Moment sieht es für mich sauber aus, keine Pop-ups, Banner etc.pp. :) |
