humphrey24 | 29.08.2014 11:13 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-08-2014
Ran by Boris (administrator) on BORIS-PC on 29-08-2014 12:07:55
Running from C:\Users\Boris\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SMART Technologies ULC.) C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\DesktopMenu.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [68640 2007-01-08] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SMARTClassroomCoordinator.exe] => C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe [485232 2011-06-22] (SMART Technologies ULC.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [VantageService] => C:\Program Files\SMART Technologies\Education Software\VantageService.exe [190800 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Board Tools] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe [9279824 2013-01-31] (SMART Technologies ULC)
HKLM\...\Run: [sbsdk-server] => C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62800 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Board Service] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [2111824 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART SNMP Agent] => C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe [968528 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Ink] => C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe [99152 2013-03-04] (SMART Technologies)
HKLM\...\Run: [Response Desktop Menu] => C:\Program Files\SMART Technologies\Education Software\DesktopMenu.exe [1028944 2013-05-23] (SMART Technologies ULC)
HKLM\...\Run: [ResponseConnectorService] => C:\Program Files\SMART Technologies\Education Software\response-connector-server\NodeLauncher.exe [40448 2013-05-23] (SMART Technologies)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.samsungcomputer.com/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
Toolbar: HKLM - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Test Pilot - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-02]
FF Extension: GMX MailCheck - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\pwqe3lw3.default\Extensions\toolbar@gmx.net.xpi [2012-10-16]
FF Extension: GMX MailCheck - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris\Extensions\toolbar@gmx.net [2014-07-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-02]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR CustomProfile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-08-15] (Flexera Software LLC)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
R2 Response Hardware; C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe [20304 2013-05-23] (SMART Technologies ULC)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [582992 2013-03-07] (SMART Technologies)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-04-16] (SAMSUNG ELECTRONICS CO., LTD.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKslaa7ac15c; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A3A0D51-EE3C-407D-8C2E-877E320D8B2F}\MpKslaa7ac15c.sys [39464 2014-08-29] (Microsoft Corporation)
S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed]
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2013-03-07] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2013-03-07] (SMART Technologies)
R3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2013-03-07] (SMART Technologies ULC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Boris\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMC302; System32\Drivers\VMC302.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 12:07 - 2014-08-29 12:08 - 00016864 _____ () C:\Users\Boris\Downloads\FRST.txt
2014-08-29 12:07 - 2014-08-29 12:08 - 00000000 ____D () C:\FRST
2014-08-29 12:06 - 2014-08-29 12:07 - 01095168 _____ (Farbar) C:\Users\Boris\Downloads\FRST.exe
2014-08-29 11:06 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 11:06 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-17 20:39 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 20:39 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 20:39 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 20:39 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 20:09 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 20:09 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 20:09 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 20:09 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-17 20:09 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 20:08 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-17 20:08 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 20:08 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-17 20:06 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-17 20:06 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-17 20:06 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-17 20:06 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-17 20:06 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-17 20:06 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-17 20:06 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-17 20:06 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-17 20:06 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-17 20:06 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-17 20:06 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-17 20:06 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-17 20:06 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-17 20:06 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-17 20:06 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-17 20:06 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-17 20:06 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-17 20:06 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-17 20:06 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-17 20:06 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-17 20:06 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 12:08 - 2014-08-29 12:07 - 00016864 _____ () C:\Users\Boris\Downloads\FRST.txt
2014-08-29 12:08 - 2014-08-29 12:07 - 00000000 ____D () C:\FRST
2014-08-29 12:07 - 2014-08-29 12:06 - 01095168 _____ (Farbar) C:\Users\Boris\Downloads\FRST.exe
2014-08-29 12:06 - 2012-07-30 16:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-29 11:40 - 2008-06-20 04:48 - 01353880 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 11:15 - 2012-09-26 13:16 - 00000000 ___RD () C:\Users\Boris\Dropbox
2014-08-29 11:15 - 2012-09-26 13:13 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Dropbox
2014-08-29 11:14 - 2008-08-02 17:23 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-08-29 11:12 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 11:12 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 11:12 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 11:11 - 2006-11-02 14:47 - 00394024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 11:08 - 2008-04-16 01:00 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-08-29 11:08 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-23 03:03 - 2014-08-29 11:06 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-08-29 11:06 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-17 22:00 - 2012-07-30 16:44 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-08-17 22:00 - 2012-07-30 16:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-08-17 21:56 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-17 21:51 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-17 21:43 - 2006-11-02 12:33 - 01566310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 21:39 - 2012-09-26 13:16 - 00000925 _____ () C:\Users\Boris\Desktop\Dropbox.lnk
2014-08-17 21:39 - 2012-09-26 13:13 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-17 21:31 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-17 20:45 - 2013-07-14 17:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 20:42 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Some content of TEMP:
====================
C:\Users\Boris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6aeqtt.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-29 11:17
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:26-08-2014
Ran by Boris at 2014-08-29 12:08:53
Running from C:\Users\Boris\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
ATI Catalyst Install Manager (HKLM\...\{9DCC214C-CD1A-1115-6775-A9056185FE4E}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
AVStation Now (HKLM\...\InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}) (Version: 4.0.10.6 - Ihr Firmenname)
AVStation Now (Version: 4.0.10.6 - Ihr Firmenname) Hidden
Catalyst Control Center - Branding (HKLM\...\{2433BAD7-453F-473D-BE81-455E68940DEB}) (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0318.2139.36886 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0318.2139.36886 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Czech (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Danish (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Dutch (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help English (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Finnish (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help French (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help German (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Greek (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Italian (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Japanese (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Korean (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Polish (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Russian (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Spanish (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Swedish (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Thai (Version: 2008.0318.2138.36886 - ATI) Hidden
CCC Help Turkish (Version: 2008.0318.2138.36886 - ATI) Hidden
ccc-core-static (Version: 2008.0318.2139.36886 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0318.2139.36886 - ATI) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2103 - CyberLink Corporation)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.1 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Ihr Firmenname)
Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.0.14 - )
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
LabelPrint 2.0 (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: - )
LightScribe 1.8.15.1 (Version: 1.8.15.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50701 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Pelikan Schulschriften (HKLM\...\Lateinische Ausgangsschrift LA_is1) (Version: - Will Software)
Pelikan Schulschriften (HKLM\...\Vereinfachte Ausgangsschrift VA_is1) (Version: - Will Software)
Play AVStation (HKLM\...\InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}) (Version: 4.1.20.47 - Ihr Firmenname)
Play AVStation (Version: 4.1.20.47 - Ihr Firmenname) Hidden
PlayCamera (HKLM\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.1 - )
PlayMemories Home (HKLM\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2802.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074429(3.7)_Vista_SSPC - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5433 - Realtek Semiconductor Corp.)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution II (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 1.0.3.21 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skins (Version: 2008.0318.2139.36886 - ATI) Hidden
SMART Common Files (HKLM\...\{9057211D-439A-4C0D-95DE-498CF54ADF8C}) (Version: 11.3.267.0 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM\...\{2B2404AA-35DF-4BF3-A8F2-BAFC8F7174C5}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM\...\{FE34C5E6-CC3D-4C26-969A-0C2CAFB34658}) (Version: 11.2.29.0 - SMART Technologies ULC)
SMART Ink (HKLM\...\{F0E390A2-AB03-4077-83C4-F12D3A65493D}) (Version: 1.1.549.1 - SMART Technologies ULC)
SMART Notebook (HKLM\...\{82E3F365-86BD-4EA8-80CA-F498EBE89537}) (Version: 11.2.637.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM\...\{E91FBB79-D736-4834-A1AB-2A5CDD2DB7E7}) (Version: 11.1.669.0 - SMART Technologies ULC)
SMART Response Software (HKLM\...\{2D13D1AD-856F-4C63-BBF1-C2963197F4D0}) (Version: 4.6.962.0 - SMART Technologies ULC)
SMART Sync Teacher (HKLM\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.5000 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.5000 - WIDCOMM, Inc.)
WINZD 2013-08 Rev. 2 (HKLM\...\WINZD_is1) (Version: - R. Aquila, F. Ostermeier)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}\InprocServer32 -> C:\Users\Boris\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAB~1.DLL No File
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-1411231321-3497987553-1682086313-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
==================== Restore Points =========================
24-07-2014 07:53:30 Geplanter Prüfpunkt
24-07-2014 10:36:58 Windows Update
25-07-2014 12:31:21 Geplanter Prüfpunkt
26-07-2014 10:36:10 Geplanter Prüfpunkt
27-07-2014 11:45:35 Windows Update
28-07-2014 09:18:44 Geplanter Prüfpunkt
29-07-2014 16:18:15 Geplanter Prüfpunkt
30-07-2014 17:48:02 Geplanter Prüfpunkt
31-07-2014 14:14:36 Windows Update
01-08-2014 20:44:38 Geplanter Prüfpunkt
17-08-2014 18:14:29 Windows Update
17-08-2014 18:26:13 Windows Update
18-08-2014 22:42:41 Geplanter Prüfpunkt
19-08-2014 12:12:25 Geplanter Prüfpunkt
25-08-2014 20:00:29 Windows Update
27-08-2014 12:02:30 Geplanter Prüfpunkt
29-08-2014 08:02:02 Windows Update
29-08-2014 09:06:37 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2A4D15FE-A6A3-431A-9B29-B99542F8855A} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2008-01-19] (Microsoft Corporation)
Task: {2AA082C7-4803-4954-B360-FF0E5BC76E68} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-01-02] (SAMSUNG Electronics co., LTD.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {82583C58-CBA8-4AC1-A74E-8CE24ADE034E} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2007-12-28] (Samsung Electronics Co., Ltd.)
Task: {892E0D52-AE03-47D7-AF89-5B50DF16F46D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {A9DAF8CD-A4DE-4080-94AE-23539E23E9CD} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E4CC2C7B-D48C-43CE-A8B2-271DF3EE05EC} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E99D3AFB-F7A8-4342-83DF-318615AF5CEB} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {EC7BFDA4-4533-4C92-95E6-2AFF5B0DDB81} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.)
Task: {F8A5340B-69BF-4AEE-9F50-6E30203EF659} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2007-06-01] (SAMSUNG Electronics)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-12-11 20:18 - 2012-12-11 20:18 - 02364840 _____ () C:\Windows\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_none_1bed397492abdaf4\xqilla-vc100-1_0.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 00066976 _____ () C:\Windows\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_none_a9eddec61c291613\zlib1-vc100-mt-1.2.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 02310056 _____ () C:\Windows\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_none_abdcef110f80cf28\redland-vc100-1_0_9.dll
2012-12-11 20:10 - 2012-12-11 20:10 - 00051120 _____ () C:\Windows\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll
2012-12-11 20:10 - 2012-12-11 20:10 - 00145328 _____ () C:\Windows\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 00022440 _____ () C:\Windows\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 00054184 _____ () C:\Windows\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll
2012-12-11 20:10 - 2012-12-11 20:11 - 00053680 _____ () C:\Windows\WinSxS\x86_smarttech.boost_signals.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_8ce60f5e6bc42419\boost_signals-vc100-mt-1_44.dll
2008-04-16 01:22 - 2006-12-19 15:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-04-15 07:40 - 2008-03-18 15:04 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-04-16 03:14 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-04-16 01:43 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-04-16 01:37 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-04-16 01:37 - 2006-09-19 02:52 - 00028672 _____ () C:\Program Files\Samsung\Easy Display Manager\WinMove.dll
2012-12-11 20:41 - 2012-12-11 20:41 - 02996648 _____ () C:\Windows\WinSxS\x86_smarttech.xqilla.vc100.2.1_9ca15c999435ee05_1.0.1.0_none_1bed22ac92abf495\xqilla21.dll
2011-06-22 09:19 - 2011-06-22 09:19 - 00070656 _____ () C:\Program Files\SMART Technologies\Education Software\libLogger-vc100-2_0.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 00948128 _____ () C:\Windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtNetwork4.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 02296736 _____ () C:\Windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtCore4.dll
2012-12-11 20:11 - 2012-12-11 20:11 - 08266656 _____ () C:\Windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtGui4.dll
2012-12-11 20:10 - 2012-12-11 20:10 - 00524712 _____ () C:\Windows\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll
2013-08-15 21:43 - 2013-08-15 21:43 - 01488264 _____ () C:\Windows\WinSxS\x86_smarttech.activation2.vc100.1.0_37a8c5fef6a21868_1.0.5.0_none_00c39a87f368724c\activation2-vc100-mt-s-x86.dll
2007-04-24 11:32 - 2007-04-24 11:32 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2014-08-29 11:15 - 2014-08-29 11:15 - 00043008 _____ () c:\users\boris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6aeqtt.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Boris\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-07 16:40 - 2013-03-07 16:40 - 00458064 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2013-03-07 16:40 - 2013-03-07 16:40 - 00036688 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2008-03-18 05:21 - 2008-03-18 05:21 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-12-11 20:18 - 2012-12-11 20:18 - 01030048 _____ () C:\Windows\WinSxS\x86_smarttech.js.vc70.1.8_37a8c5fef6a21868_1.0.2.1_none_e909cd048128eadf\js32.dll
2013-05-23 16:08 - 2013-05-23 16:08 - 00460800 _____ () C:\Program Files\SMART Technologies\Education Software\ziparchive-vc100-3_1_1a.dll
2014-07-22 18:28 - 2014-07-22 18:28 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2014 08:59:43 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/26/2014 04:20:36 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/26/2014 09:05:48 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/25/2014 11:47:12 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/19/2014 00:43:28 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/18/2014 03:18:41 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (08/18/2014 03:18:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/18/2014 03:18:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/18/2014 03:18:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/18/2014 03:18:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\BORIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BK86VV7L.BORIS\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (08/29/2014 11:15:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0228576F-6E6C-4E1A-B175-0E46A316AFE2}
Error: (08/29/2014 11:12:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (08/29/2014 10:10:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070643Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.183.889.0){FC80FACF-617A-44DC-A9B8-E0D3E98ABF8C}201
Error: (08/29/2014 10:09:15 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (08/29/2014 10:08:53 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
Description: Beim Aktualisieren des Moduls wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Modulversion:
Vorherige Modulversion:
Modultyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Fehlercode: %NT-AUTORITÄT601
Fehlerbeschreibung: %NT-AUTORITÄT602
Error: (08/29/2014 10:08:53 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion:
Aktualisierungsquelle: %NT-AUTORITÄT15 |