FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015
Ran by Iris (administrator) on IRIS-PC on 18-01-2015 15:11:49
Running from C:\Users\Iris\Downloads
Loaded Profiles: Iris & (Available profiles: Iris)
Platform: Windows 7 Professional N Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: "p:\TOqtnou FIySo (x86)\tQIigR\YAwMtP\EnDjNWTXpJP\pWRICq.XGu" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHBE.EXE
(Spotify Ltd) C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Iris\AppData\Roaming\Spotify\spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Iris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
() C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
() C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
() C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\plugin-nm-server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Iris\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2014-05-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2014-05-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2014-05-23] (Realtek Semiconductor)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2012-01-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2014-05-23] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2037072 2014-05-10] (Nero AG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE [283232 2014-05-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Run: [Spotify Web Helper] => C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Run: [Spotify] => C:\Users\Iris\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE [283232 2014-05-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Iris\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-10] (Spotify Ltd)
Startup: C:\Users\Iris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=13765&tm=360&src=hmp
HKU\S-1-5-21-2453654641-723129125-3345877184-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=13765&tm=360&src=hmp
HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=13765&tm=360&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=13765&tm=360&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2453654641-723129125-3345877184-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=13765&tm=360&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=13765&tm=360&src=ds&p={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Iris\AppData\Roaming\Mozilla\Firefox\Profiles\Zm7DqHys.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Iris\AppData\Roaming\Mozilla\Firefox\Profiles\Zm7DqHys.default\Extensions\abs@avira.com [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-17]
Chrome:
=======
CHR HomePage: Default -> hxxp://hotmail.de/
CHR Profile: C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google-Suche) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Kaspersky Protection) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-17]
CHR Extension: (Avira SafeSearch) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2014-12-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-23]
CHR Extension: (Google Mail) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2014-05-23] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2012-01-16] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2014-05-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [265552 2014-05-10] (Nero AG)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [41872 2014-08-14] () [File not signed]
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2014-05-23] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-01-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2015-01-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-01-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1849608 2012-09-05] (Sonix Co. Ltd.)
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-18 15:11 - 2015-01-18 15:19 - 00026459 _____ () C:\Users\Iris\Downloads\FRST.txt
2015-01-18 15:09 - 2015-01-18 15:15 - 00000000 ____D () C:\FRST
2015-01-18 14:58 - 2015-01-18 15:05 - 02126336 _____ (Farbar) C:\Users\Iris\Downloads\FRST64 (1).exe
2015-01-18 14:58 - 2015-01-18 15:04 - 02126336 _____ (Farbar) C:\Users\Iris\Downloads\FRST64.exe
2015-01-18 14:46 - 2015-01-18 14:46 - 00002543 _____ () C:\Users\Iris\Desktop\fixlist.txt
2015-01-18 14:39 - 2015-01-18 14:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-18 14:37 - 2015-01-18 14:37 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-18 14:37 - 2015-01-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-18 14:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-18 14:36 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-18 14:36 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-18 14:30 - 2015-01-18 14:33 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Iris\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-18 14:22 - 2015-01-18 14:22 - 00001264 _____ () C:\Users\Iris\Desktop\Revo Uninstaller.lnk
2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-18 14:19 - 2015-01-18 14:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Iris\Downloads\revosetup.exe
2015-01-17 18:06 - 2015-01-17 18:06 - 00262144 _____ () C:\Windows\system32\config\elam
2015-01-17 15:53 - 2015-01-17 15:53 - 04514312 _____ (Avira Operations & Co. KG) C:\Users\Iris\Downloads\avira_de_av_5788563885__ws (2).exe
2015-01-17 15:51 - 2015-01-17 15:51 - 00002091 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2015-01-17 15:51 - 2015-01-17 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2015-01-17 15:51 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-17 15:50 - 2015-01-18 14:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-17 15:50 - 2015-01-17 15:50 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-01-17 15:50 - 2015-01-17 15:50 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-17 15:50 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-01-17 15:34 - 2015-01-17 15:54 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-17 15:34 - 2015-01-17 15:34 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 15:33 - 2015-01-17 15:34 - 04514312 _____ (Avira Operations & Co. KG) C:\Users\Iris\Downloads\avira_de_av_5788563885__ws (1).exe
2015-01-17 15:27 - 2015-01-17 15:46 - 202853696 _____ () C:\Users\Iris\Downloads\kav15.0.1.415de_6845.exe
2015-01-17 15:22 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-17 15:22 - 2014-12-11 17:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-17 15:22 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-17 15:22 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-17 15:22 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-17 15:21 - 2015-01-17 15:22 - 04514312 _____ (Avira Operations & Co. KG) C:\Users\Iris\Downloads\avira_de_av_5788523660__ws.exe
2015-01-17 15:21 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-17 15:18 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-17 15:18 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-17 15:18 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-17 15:18 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-17 15:18 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-17 15:18 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-17 15:18 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-17 15:15 - 2015-01-17 15:15 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\Mozilla
2015-01-17 15:13 - 2015-01-17 15:13 - 04514312 _____ (Avira Operations & Co. KG) C:\Users\Iris\Downloads\avira_de_av_5788563885__ws.exe
2015-01-17 14:28 - 2015-01-17 13:47 - 00000000 ____D () C:\Windows\Minidump
2015-01-17 13:48 - 2015-01-18 14:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-17 13:48 - 2015-01-17 13:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-14 21:31 - 2015-01-14 21:32 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-01-14 21:30 - 2015-01-14 21:30 - 09629976 _____ (CyberGhost S.R.L. ) C:\Users\Iris\Downloads\CG_5.0.14.7.exe
2014-12-26 14:43 - 2014-12-26 14:43 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-20 17:59 - 2014-12-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-20 17:59 - 2014-12-20 17:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-20 17:59 - 2014-12-20 17:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-20 17:57 - 2014-12-20 17:57 - 13087456 _____ (Microsoft Corporation) C:\Users\Iris\Downloads\Silverlight_x64.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-18 15:23 - 2014-05-27 18:05 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\Spotify
2015-01-18 15:13 - 2014-05-21 16:06 - 01656901 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 14:47 - 2014-05-23 15:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 14:47 - 2014-05-23 15:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 14:30 - 2014-05-27 18:07 - 00000000 ____D () C:\Program Files (x86)\Linkey
2015-01-18 13:45 - 2009-07-14 04:50 - 00028560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 13:45 - 2009-07-14 04:50 - 00028560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 13:39 - 2014-05-24 11:59 - 00000000 ___RD () C:\Users\Iris\Dropbox
2015-01-18 13:37 - 2014-05-24 11:56 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\Dropbox
2015-01-18 13:34 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 13:34 - 2009-07-14 04:56 - 00045534 _____ () C:\Windows\setupact.log
2015-01-18 12:14 - 2009-07-14 05:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-18 12:10 - 2011-04-12 08:14 - 02104402 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 12:10 - 2011-04-12 08:14 - 00599190 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 12:10 - 2009-07-14 05:12 - 00006224 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 23:18 - 2014-05-28 09:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-17 23:17 - 2014-05-28 09:22 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-17 18:02 - 2014-09-19 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-17 18:02 - 2014-07-10 12:31 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-17 18:02 - 2014-07-10 12:31 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 17:46 - 2014-05-27 18:08 - 00000000 ____D () C:\Users\Iris\AppData\Local\Spotify
2015-01-17 15:56 - 2014-08-20 18:04 - 00818888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-17 15:56 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-17 15:56 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-01-17 15:54 - 2014-05-24 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-17 15:34 - 2014-05-24 11:53 - 00000000 ____D () C:\ProgramData\Avira
2015-01-17 15:34 - 2014-05-24 11:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-17 13:47 - 2014-09-04 17:16 - 00000000 ____D () C:\ProgramData\smdmf
2015-01-17 13:47 - 2014-07-10 12:31 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\Skype
2015-01-17 13:47 - 2014-06-10 20:31 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\PhotoScape
2015-01-17 13:47 - 2014-05-28 11:40 - 00000000 ____D () C:\Users\Iris\AppData\Roaming\systweak
2015-01-17 13:47 - 2014-05-27 18:07 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2015-01-17 13:47 - 2014-05-23 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-17 13:47 - 2014-05-22 13:29 - 00000000 ____D () C:\Users\Iris
2015-01-17 13:47 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2015-01-15 17:58 - 2012-09-23 10:26 - 00000000 ____D () C:\Users\Iris\Studium
2015-01-14 21:33 - 2014-05-22 13:29 - 00000000 ____D () C:\Users\Iris\AppData\Local\VirtualStore
2015-01-08 09:55 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-06 16:33 - 2014-09-19 13:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-31 14:44 - 2014-06-22 10:04 - 00305152 ___SH () C:\Users\Iris\Thumbs.db
==================== Files in the root of some directories =======
2014-05-28 11:56 - 2014-05-28 11:56 - 0159200 _____ () C:\Users\Iris\AppData\Roaming\CrashRpt1402.dll
2014-08-18 09:56 - 2014-08-18 09:56 - 0002650 _____ () C:\Users\Iris\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Iris\AppData\Local\Temp\avgnt.exe
C:\Users\Iris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjqs8ea.dll
C:\Users\Iris\AppData\Local\Temp\OnlineBackup.exe
C:\Users\Iris\AppData\Local\Temp\ose00000.exe
C:\Users\Iris\AppData\Local\Temp\readSTILog.dll
C:\Users\Iris\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Iris\AppData\Local\Temp\sw3a6pax.dll
C:\Users\Iris\AppData\Local\Temp\uninst.exe
C:\Users\Iris\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Iris\AppData\Local\Temp\vlc-2.1.5-win32.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-29 16:59
==================== End Of Log ============================
--- --- ---
Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015
Ran by Iris at 2015-01-18 15:25:58
Running from C:\Users\Iris\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Battery Utility (HKLM-x32\...\{D6C5A4CA-1EE8-4C73-9679-0BC2946D1353}) (Version: 3.01.30.008 - FUJITSU LIMITED)
Benutzerhandbuch - Grundlagen EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Bog) (Version: - )
Benutzerhandbuch EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Useg) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4954 - CDBurnerXP)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EiskaltDC++ 2.2.9 (HKLM-x32\...\EiskaltDC++) (Version: 2.2.9 - EiskaltDC++)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1209.0_WHQL - Sonix)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.5.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.5.0 - FUJITSU LIMITED) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3190 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero BackItUp 2014 (HKLM-x32\...\{5B402FC3-988D-45DD-9831-E9B001AB238F}) (Version: 15.0.04200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Netzwerkhandbuch EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Netg) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.038 - FUJITSU LIMITED)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SIW Pro Edition (Trial Version) (HKLM-x32\...\{3B9704C8-1286-4a17-9EA8-F63004FC74A1}_is1) (Version: 2014.04.27 - Topala Software Solutions)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2453654641-723129125-3345877184-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-2453654641-723129125-3345877184-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2453654641-723129125-3345877184-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Iris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-01-2015 21:31:44 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter
14-01-2015 22:57:46 Windows Update
17-01-2015 14:26:37 Avira Free Antivirus - 17.01.2015 14:26
17-01-2015 15:22:59 Windows Update
17-01-2015 23:16:54 Windows Update
18-01-2015 11:59:45 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {40C0CB37-99A8-4720-B7B0-4463C667D94B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {5D9E6FF2-D754-4940-9946-CB2B253541CC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7CD869E2-DA3D-49A1-B41F-DEC2A7B6A2A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {AA722F8E-96D2-4DC7-B56C-AE463A8775AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {DFD49A62-7210-4AE4-98F0-928E21523A8B} - System32\Tasks\Iris NBAgent 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2014-05-10] (Nero AG)
Task: {E75E27A3-3AA4-49EC-9C19-433602F5D2F0} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-05-20 01:17 - 2014-05-23 15:35 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-27 18:08 - 2014-12-10 18:19 - 00374840 _____ () C:\Users\Iris\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2014-05-27 18:08 - 2014-12-10 18:19 - 36966968 _____ () C:\Users\Iris\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00750080 _____ () C:\Users\Iris\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-18 13:36 - 2015-01-18 13:36 - 00043008 _____ () c:\users\iris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjqs8ea.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00047616 _____ () C:\Users\Iris\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00863744 _____ () C:\Users\Iris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00200704 _____ () C:\Users\Iris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-07-07 17:42 - 2014-12-10 18:19 - 00867896 _____ () C:\Users\Iris\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-05-27 18:08 - 2014-12-10 18:19 - 00886840 _____ () C:\Users\Iris\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-05-27 18:08 - 2014-12-10 18:19 - 00108600 _____ () C:\Users\Iris\AppData\Roaming\Spotify\Data\libegl.dll
2014-05-23 15:42 - 2014-05-23 15:36 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-12 20:49 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 20:49 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 20:49 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 20:49 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 20:49 - 2014-12-06 01:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: FJBATAID2 => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2453654641-723129125-3345877184-500 - Administrator - Disabled)
Gast (S-1-5-21-2453654641-723129125-3345877184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2453654641-723129125-3345877184-1004 - Limited - Enabled)
Iris (S-1-5-21-2453654641-723129125-3345877184-1000 - Administrator - Enabled) => C:\Users\Iris
==================== Faulty Device Manager Devices =============
Name: F06DEFF2-5B9C-490D-910F-35D3A91196222
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: F06DEFF2-5B9C-490D-910F-35D3A91196222
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/18/2015 03:32:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Revouninstaller.exe, Version 1.9.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12c8
Startzeit: 01d0332ba245a48a
Endzeit: 102
Anwendungspfad: C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
Berichts-ID: 1711b955-9f27-11e4-97c2-685d43403642
Error: (01/18/2015 02:15:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen.
.
Error: (01/18/2015 02:15:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (01/18/2015 01:46:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.7.462 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ea0
Startzeit: 01d0332415b517ed
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Berichts-ID: 3a619e0b-9f18-11e4-97c2-685d43403642
Error: (01/18/2015 01:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 01:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x1fc
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Error: (01/18/2015 00:15:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 00:10:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/18/2015 00:10:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/18/2015 00:10:53 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (01/18/2015 03:11:23 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\wisptis.exe -Embedding740{A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}
Error: (01/18/2015 01:42:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/18/2015 01:37:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/18/2015 01:37:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
F06DEFF2-5B9C-490D-910F-35D3A91196222
Error: (01/18/2015 00:15:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
F06DEFF2-5B9C-490D-910F-35D3A91196222
Error: (01/18/2015 00:10:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/18/2015 00:04:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
F06DEFF2-5B9C-490D-910F-35D3A91196222
Error: (01/17/2015 11:17:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/17/2015 07:55:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (01/17/2015 07:35:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
F06DEFF2-5B9C-490D-910F-35D3A91196222
Microsoft Office Sessions:
=========================
Error: (01/18/2015 03:32:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Revouninstaller.exe1.9.5.012c801d0332ba245a48a102C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe1711b955-9f27-11e4-97c2-685d43403642
Error: (01/18/2015 02:15:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crtDer angegebene Server kann den angeforderten Vorgang nicht ausführen.
Error: (01/18/2015 02:15:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (01/18/2015 01:46:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.7.4621ea001d0332415b517ed60000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe3a619e0b-9f18-11e4-97c2-685d43403642
Error: (01/18/2015 01:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 01:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.1.0.24f4a262dntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e41fc01d03323ad489ddbC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Windows\SYSTEM32\ntdll.dll01e960c1-9f17-11e4-97c2-685d43403642
Error: (01/18/2015 00:15:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 00:10:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/18/2015 00:10:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/18/2015 00:10:53 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
CodeIntegrity Errors:
===================================
Date: 2015-01-18 13:40:11.962
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-18 13:16:22.553
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-18 13:06:43.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-18 12:29:22.578
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-18 12:18:07.745
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-18 12:07:49.057
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-17 19:58:05.482
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-17 19:39:16.136
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-17 17:47:56.635
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-17 16:02:39.228
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 3958.37 MB
Available physical RAM: 945.79 MB
Total Pagefile: 7914.93 MB
Available Pagefile: 2745.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:462.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: CE0A8E79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
