
Pests of all kinds and how to combat them: Bitable.com - stubborn and undeletable?

11.10.2014, 01:24   #1
comet

Hello,

for a few days I have had a stubborn problem on my Windows 8.1 x64 machine. The start pages in all my browsers always look like the attached picture. The URL is hxxp://www.bitable.com. I set the start page in Firefox to the default, searched the registry for "bitable.com" and removed the two entries for FF and IE. According to Windows Control Panel/Programs nothing is installed either (no uninstaller present).

Although I have done all of that, the start page when opening the browser is always bitable.com. The default start page, however, is the Firefox/IE start page. So changing the settings did work, yet still not for the first start.

I tried AdwCleaner (current version) and also Malwarebytes. AdwCleaner does keep finding two entries in FF that can be deleted, but after starting it was back again. MB finds nothing at all (everything likewise up to date).

It seems to me that this thing is brand new, because when googling I also find references to the malware "Spamhunter", which really would not be of any use.

Can anyone help me?

hxxp://www.comment-supprimer.com/wp-content/uploads/2014/10/bitable.png

11.10.2014, 10:00   #2
schrauber
/// the machine
/// TB instructor

Hi,

please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will afterwards be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

19.10.2014, 14:38   #3
comet

Hi,
I had already tried that too. FRST no longer finds anything. But this here helped me solve the problem:
hxxp://www.youtube.com/watch?v=mBpAZAEQIFc

20.10.2014, 07:40   #4
schrauber
/// the machine
/// TB instructor

Quote:
FRST no longer finds anything
It will never find anything anyway; it is a scanner that has to be evaluated by hand, by someone who knows how.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.10.2014, 15:21   #5
creaktiv

Where does this bitable come from, does anyone know?

__________________
Live the present, shape the future,
you can no longer change the past.

21.10.2014, 11:47   #6
schrauber
/// the machine
/// TB instructor

From some adware or other.

29.10.2014, 07:43   #7
creaktiv

FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by Ernst (administrator) on ERNST-PC on 29-10-2014 07:36:45
Running from C:\Users\Ernst\Downloads
Loaded Profile: Ernst (Available profiles: Ernst)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
() C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1452134163-409198413-971361212-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd)
HKU\S-1-5-21-1452134163-409198413-971361212-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1452134163-409198413-971361212-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1452134163-409198413-971361212-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1452134163-409198413-971361212-1000\...\MountPoints2: {0b3ef7ab-2671-11e2-a073-50e549d64120} - J:\PcOptions.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
BootExecute: autocheck autochk * BootDefrag.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9F78C331A15BCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 213.174.248.1 213.174.245.1

FireFox:
========
FF ProfilePath: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\7b1xnap6.default
FF NewTab: hxxp://bitable.com/
FF Homepage: hxxp://bitable.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Ernst\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ernst\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Ernst\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\Ernst\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ernst\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ernst\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Ernst\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Ernst\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Ernst\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Adblock Plus - C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\7b1xnap6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\7b1xnap6.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [Not Found]
FF Extension: No Name - C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\7b1xnap6.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR Profile: C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-03-23]
CHR Extension: (Google Docs) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-23]
CHR Extension: (Google Drive) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (Picasa Web Albums) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkbhhghfoebhicjjfcdikgpmiclodng [2013-03-23]
CHR Extension: (Kontaktkarte) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bialhhdohbeamjgokicedgcpanocohkf [2013-08-27]
CHR Extension: (YouTube) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-23]
CHR Extension: (OrganisedMinds) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbiokeeomnnkiclkmnonjkcaladbkd [2014-10-19]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-03-23]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2013-03-23]
CHR Extension: (Weebly - Website Builder) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2013-03-23]
CHR Extension: (Google-Suche) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-23]
CHR Extension: (openMarkers) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbddgbbhgiehapkemoldgekakllapanc [2013-03-23]
CHR Extension: (Gmail offline) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-12-20]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2014-10-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-18]
CHR Extension: (QRCode Monkey) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidoepdbdhacpopcmepkflghaalfapmk [2014-10-18]
CHR Extension: (AdBlock) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-23]
CHR Extension: („Pin it“-Button) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2013-10-29]
CHR Extension: (Pixlr Editor) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-03-23]
CHR Extension: (Google Formulare) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2013-04-09]
CHR Extension: (Conceptboard) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnacnlekfaehkfdbkohnhpmdagnfaeio [2014-10-22]
CHR Extension: (Google Maps) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-23]
CHR Extension: (Hangouts) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-01-05]
CHR Extension: (SpiderFace) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojpmjocabemdookjinpjacjgclkhmo [2013-05-05]
CHR Extension: (Google Wallet) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Cacoo - Diagramming & Real-Time Collaboration) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh [2013-03-23]
CHR Extension: (Google Mail) - C:\Users\Ernst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-23]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx [2013-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
S4 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2000-01-01] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
R2 MoboroboDeviceService; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [72184 2014-07-31] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [230400 2011-12-05] (Samsung Electronics Co., Ltd.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-27] (GFI Software)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-25] (Glarysoft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2000-01-01] (Qualcomm Atheros Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-25] (Windows (R) Win 7 DDK provider)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-15] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 VGPU; No ImagePath
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BioNTDrv; \??\C:\Program Files (x86)\Paragon Software\Backup and Recovery 2012 Free\program\BioNTDrv.SYS [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
U3 DfSdkS; No ImagePath
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Whitelisted)

===================

(If an item is included in the fixlist, it will be removed from the

registry. Any associated file could be listed separately to be

moved.)


==================== One Month Created Files and

Folders ========

(If an entry is included in the fixlist, the file\folder will be

moved.)

2014-10-29 07:36 - 2014-10-29 07:37 - 00026696 _____ () C:\Users\Ernst\Downloads\FRST.txt
2014-10-29 07:36 - 2014-10-29 07:36 - 02113024 _____ (Farbar) C:\Users\Ernst\Downloads\FRST64.exe
2014-10-29 07:36 - 2014-10-29 07:36 - 00000000 ____D () C:\FRST
2014-10-29 07:35 - 2014-10-29 07:35 - 01104896 _____ (Farbar) C:\Users\Ernst\Downloads\FRST (1).exe
2014-10-29 07:33 - 2014-10-29 07:33 - 01104896 _____ (Farbar) C:\Users\Ernst\Downloads\FRST.exe
2014-10-29 07:12 - 2014-10-29 07:12 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-26 20:45 - 2014-10-29 07:00 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1452134163-409198413-971361212-1000
2014-10-26 20:45 - 2014-10-29 07:00 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1452134163-409198413-971361212-1000
2014-10-25 16:21 - 2014-10-26 01:22 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-25 16:21 - 2014-10-25 16:22 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-25 16:21 - 2014-10-25 16:21 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-25 16:21 - 2014-10-25 16:21 - 00001045 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-25 16:21 - 2014-10-25 16:21 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Spyware Terminator
2014-10-25 16:21 - 2014-10-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-25 15:54 - 2012-07-06 18:41 - 00000864 _____ () C:\Windows\system32\Drivers\etc\hosts.20141025-165427.backup
2014-10-25 15:53 - 2012-07-06 18:41 - 00000864 _____ () C:\Windows\system32\Drivers\etc\hosts.20141025-165331.backup
2014-10-25 07:25 - 2014-10-25 07:25 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-10-25 07:25 - 2014-10-25 07:25 - 00000000 ____D () C:\sh4ldr
2014-10-25 07:25 - 2014-10-25 07:25 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-25 07:25 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-10-25 07:24 - 2014-10-25 07:25 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-25 06:47 - 2014-10-25 06:47 - 00001224 _____ () C:\Users\Ernst\Desktop\JRT.txt
2014-10-22 19:52 - 2014-10-22 19:52 - 00866549 _____ () C:\Users\Ernst\Downloads\Wasserauto_Philippinen.wmv
2014-10-22 19:52 - 2014-10-22 19:52 - 00866549 _____ () C:\Users\Ernst\Downloads\Wasserauto_Philippinen (1).wmv
2014-10-20 06:32 - 2014-10-29 07:01 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-20 06:32 - 2014-10-20 06:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-19 20:56 - 2014-10-19 20:56 - 00003887 _____ () C:\Users\Ernst\.ganttproject
2014-10-19 20:56 - 2014-10-19 20:56 - 00000115 _____ () C:\Users\Ernst\java0.log
2014-10-19 20:47 - 2014-10-19 20:56 - 00001834 _____ () C:\Users\Ernst\ganttproject.log
2014-10-18 16:09 - 2014-10-20 22:33 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 22:27 - 2014-10-16 22:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-16 06:21 - 2014-10-16 06:22 - 07323197 _____ () C:\Users\Ernst\Downloads\Ohne Kampf kein Fortschritt.mp4
2014-10-16 06:20 - 2014-10-16 06:20 - 11167569 _____ () C:\Users\Ernst\Downloads\Lohnsteuer runter! - Statements.mp4
2014-10-16 06:06 - 2014-10-16 06:10 - 131910820 _____ () C:\Users\Ernst\Downloads\FSG WERBEVIDEO NEU WINDOWSMEDIA PLAYER.wmv
2014-10-16 06:02 - 2014-10-16 06:04 - 55515214 _____ () C:\Users\Ernst\Downloads\'Lohnsteuer runter!'.mp4
2014-10-16 05:36 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 05:36 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 05:36 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 05:36 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 05:36 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 05:36 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 05:36 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 05:35 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 05:35 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 05:35 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 05:35 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 05:35 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 05:35 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 05:35 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 05:35 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 05:35 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 05:35 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 05:35 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 05:35 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 05:35 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 05:35 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 05:35 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 05:35 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 05:35 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 05:35 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 05:35 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 05:35 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 05:35 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 05:35 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 05:35 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 05:35 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 05:35 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 05:35 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 05:35 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 05:35 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 05:35 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 05:35 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 05:35 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 05:35 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 05:35 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 05:35 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 05:35 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 05:35 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 05:35 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 05:35 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 05:35 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 05:35 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 05:35 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 05:35 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 05:35 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 05:35 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 05:35 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 05:35 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 05:35 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 05:35 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 05:35 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 05:35 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 05:35 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 05:35 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 05:35 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 05:35 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 05:35 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 05:35 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 05:35 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 05:35 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 05:35 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 05:33 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 05:33 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 05:33 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 05:33 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 05:33 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 05:33 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 05:33 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 05:33 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 05:33 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 05:33 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 05:33 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 05:33 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 05:33 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 05:32 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 05:32 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 05:32 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 05:32 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 05:32 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 05:32 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 05:32 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 05:32 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 05:32 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 05:32 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 05:32 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 05:32 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 05:32 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-13 21:39 - 2014-10-13 21:39 - 00001257 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-10-13 21:37 - 2014-10-13 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-10-13 21:37 - 2014-10-13 21:37 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-10-13 06:19 - 2012-07-06 18:41 - 00000864 _____ () C:\Windows\system32\Drivers\etc\hosts.20141013-071934.backup
2014-10-11 21:32 - 2014-10-11 21:32 - 00001176 _____ () C:\Users\Ernst\Desktop\Auslogics DiskDefrag.lnk
2014-10-11 21:32 - 2014-10-11 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-10-11 21:32 - 2014-10-11 21:32 - 00000000 ____D () C:\ProgramData\Auslogics
2014-10-11 21:32 - 2014-10-11 21:32 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-10-11 18:26 - 2014-10-11 18:26 - 00000000 ____D () C:\Users\Ernst\AppData\Local\Parise_Samuele
2014-10-11 18:20 - 2014-10-11 18:20 - 00001101 _____ () C:\Users\Public\Desktop\HDD Guardian.lnk
2014-10-11 18:20 - 2014-10-11 18:20 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Parise Samuele
2014-10-11 18:20 - 2014-10-11 18:20 - 00000000 ____D () C:\ProgramData\Parise Samuele
2014-10-11 18:20 - 2014-10-11 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.1
2014-10-11 18:20 - 2014-10-11 18:20 - 00000000 ____D () C:\Program Files (x86)\HDD Guardian 0.6.1
2014-10-11 17:51 - 2014-10-11 17:51 - 00001193 _____ () C:\Users\Ernst\Desktop\CrystalDiskInfo.lnk
2014-10-11 17:51 - 2014-10-11 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2014-10-11 17:51 - 2014-10-11 17:51 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2014-10-11 08:19 - 2014-10-11 08:19 - 00000000 ____D () C:\Users\Ernst\.android
2014-10-08 06:09 - 2014-10-11 10:51 - 00000000 ____D () C:\ProgramData\AutoKMS
2014-10-05 21:39 - 2014-10-05 21:40 - 00000000 ____D () C:\Users\Ernst\Desktop\Neuer Ordner
2014-10-05 08:32 - 2014-10-05 08:32 - 00000000 ____D () C:\Users\Ernst\Downloads\00_fertige_pdf_Oberösterreich_teil2
2014-10-05 08:29 - 2014-10-05 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-05 08:29 - 2014-10-05 08:29 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-02 21:35 - 2014-10-02 21:35 - 00001443 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-10-02 18:04 - 2014-10-02 18:06 - 00000000 ____D () C:\Users\Ernst\Documents\FSG-Willi PDF
2014-10-02 16:38 - 2014-10-02 16:39 - 00000000 ____D () C:\Users\Ernst\Documents\Kyäni geheime Dokumente der Pharmaindustrie
2014-10-02 12:03 - 2014-10-02 12:26 - 456467922 _____ () C:\Users\Ernst\Desktop\Der grüne Planet (Spielfilm)-SD.mp4
2014-10-01 06:19 - 2014-10-01 06:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-01 06:14 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 06:14 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:47 - 2014-09-30 15:47 - 00000000 ____D () C:\Users\Ernst\Downloads\FSG Sonsitges
2014-09-30 15:42 - 2014-10-13 14:16 - 00000000 ____D () C:\Users\Ernst\Downloads\Ablage
2014-09-29 20:59 - 2014-09-29 21:00 - 00758250 _____ () C:\Users\Ernst\Desktop\2014-09-04 GR.jpeg
2014-09-29 20:59 - 2014-09-29 21:00 - 00476526 _____ () C:\Users\Ernst\Desktop\2014-09-04 GR1.jpeg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 07:12 - 2014-09-21 07:28 - 00002105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-29 07:12 - 2014-09-21 07:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-29 07:12 - 2013-07-08 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-29 07:12 - 2013-03-16 08:10 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-29 07:12 - 2013-03-16 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 07:11 - 2012-07-22 19:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-29 07:11 - 2012-07-22 19:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 07:11 - 2012-07-22 19:50 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-29 07:11 - 2012-07-22 19:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 07:10 - 2013-11-07 16:18 - 00001796 _____ () C:\Users\Ernst\Desktop\XnView.lnk
2014-10-29 07:10 - 2013-03-06 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-10-29 07:10 - 2013-03-06 19:31 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-10-29 07:09 - 2014-03-18 04:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-10-29 07:09 - 2013-06-09 05:04 - 01537059 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 07:09 - 2012-07-10 07:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-10-29 07:09 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 07:09 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 07:07 - 2014-05-13 13:25 - 00002972 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-10-29 07:07 - 2014-05-13 13:25 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-10-29 07:07 - 2014-05-13 13:25 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-10-29 07:06 - 2014-05-13 13:25 - 00002630 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-10-29 07:06 - 2014-05-13 13:25 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-10-29 07:00 - 2014-08-05 04:08 - 00027383 _____ () C:\Windows\setupact.log
2014-10-29 07:00 - 2013-07-06 17:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 07:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 22:50 - 2012-07-07 16:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 16:28 - 2014-08-06 19:29 - 00025556 _____ () C:\Windows\PFRO.log
2014-10-27 05:48 - 2012-11-27 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-10-26 20:51 - 2011-04-12 08:43 - 00700160 _____ () C:\Windows\system32\perfh007.dat
2014-10-26 20:51 - 2011-04-12 08:43 - 00150300 _____ () C:\Windows\system32\perfc007.dat
2014-10-26 20:51 - 2009-07-14 06:13 - 01622976 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-25 15:50 - 2014-05-13 13:25 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-10-25 15:48 - 2012-07-07 17:19 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Dropbox
2014-10-25 13:58 - 2014-03-26 08:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-25 06:27 - 2012-07-07 17:22 - 00000000 ___RD () C:\Users\Ernst\Dropbox
2014-10-22 20:09 - 2012-07-07 17:00 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\vlc
2014-10-22 18:45 - 2013-07-06 17:59 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 18:45 - 2012-07-07 16:30 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 20:00 - 2014-01-07 20:41 - 00003758 _____ () C:\Windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2014-10-21 17:32 - 2014-01-02 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-10-21 17:30 - 2014-01-03 11:50 - 00000000 ____D () C:\ProgramData\Real
2014-10-21 17:30 - 2014-01-03 11:50 - 00000000 ____D () C:\Program Files (x86)\Real
2014-10-21 17:29 - 2014-01-03 11:50 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-10-21 17:28 - 2014-01-03 11:50 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2014-10-21 17:28 - 2014-01-03 11:50 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2014-10-21 17:28 - 2013-09-11 18:06 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-10-21 17:27 - 2013-09-11 18:06 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-10-21 17:27 - 2006-04-19 06:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-10-20 22:33 - 2014-03-26 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-20 22:33 - 2014-03-26 07:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-19 20:56 - 2012-07-06 18:16 - 00000000 ____D () C:\Users\Ernst
2014-10-19 06:00 - 2012-11-27 21:12 - 00442027 _____ () C:\Users\Ernst\AppData\Local\runtasticConnect.log
2014-10-18 16:54 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-18 15:54 - 2013-08-28 05:00 - 00000000 ____D () C:\AdwCleaner
2014-10-18 08:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 04:09 - 2013-10-04 13:42 - 00691808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 04:05 - 2014-05-06 15:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 22:30 - 2012-07-06 19:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 22:27 - 2013-08-14 06:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 22:20 - 2012-03-14 12:42 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 21:44 - 2012-07-29 12:54 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Skype
2014-10-13 21:32 - 2013-03-06 20:20 - 00000000 ____D () C:\Users\Ernst\AppData\Local\CrashDumps
2014-10-13 14:24 - 2012-08-13 16:51 - 00000121 _____ () C:\Users\Public\LMDebug.log
2014-10-13 06:07 - 2013-01-05 14:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-12 19:50 - 2013-06-09 18:38 - 00003110 _____ () C:\Windows\System32\Tasks\{0E309762-8DE8-42B8-A4FE-6AEA3FCD9FD0}
2014-10-11 21:32 - 2012-07-06 18:17 - 00001484 _____ () C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-11 08:25 - 2014-02-20 19:57 - 00001956 _____ () C:\Users\Public\Desktop\MoboRobo.lnk
2014-10-11 08:25 - 2013-08-02 13:31 - 00000000 ____D () C:\ProgramData\Moborobo
2014-10-11 08:25 - 2013-08-02 13:31 - 00000000 ____D () C:\Program Files (x86)\Moborobo
2014-10-11 08:19 - 2012-10-31 09:37 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\MyPhoneExplorer
2014-10-09 12:31 - 2013-05-07 15:36 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-09 12:31 - 2013-03-27 16:38 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-09 12:31 - 2013-03-27 16:38 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-09 06:25 - 2012-07-06 18:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-05 08:01 - 2012-07-07 14:21 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\Adobe
2014-10-04 05:49 - 2013-09-16 03:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-04 05:49 - 2013-08-29 18:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-04 05:49 - 2012-10-10 05:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-02 21:35 - 2013-08-23 06:52 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-02 21:35 - 2012-07-23 06:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-02 21:35 - 2012-07-23 06:02 - 00000000 ____D () C:\Users\Ernst\AppData\Roaming\DVDVideoSoft
2014-10-02 18:05 - 2013-09-10 18:02 - 00000000 ____D () C:\Users\Ernst\Documents\Freemake
2014-10-02 07:39 - 2013-12-14 22:23 - 00001026 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-02 07:39 - 2013-12-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-10-01 10:11 - 2014-03-26 07:59 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 10:11 - 2014-03-26 07:59 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 10:11 - 2013-10-25 04:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-01 06:19 - 2014-08-05 16:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-01 06:19 - 2012-07-29 12:54 - 00000000 ____D () C:\ProgramData\Skype

Files to move or delete:
====================
C:\ProgramData\ISTask.dll
C:\Users\Ernst\jobq.dat
C:\Users\Ernst\oodrrs.dll
C:\Users\Ernst\oodrsurs.dll
C:\Users\Ernst\oodskrec.exe
C:\Users\Ernst\ooliveupdate.exe
C:\Users\Ernst\oorwiz3.dll
C:\Users\Ernst\oorwiz3r.dll
C:\Users\Ernst\oosu.dll
C:\Users\Ernst\ooviewer.dll
C:\Users\Ernst\pb-setup-5.4.0701.exe


Some content of TEMP:
====================
C:\Users\Ernst\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 07:30

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by Ernst at 2014-10-29 07:37:33
Running from C:\Users\Ernst\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2012 v.1.0.2 (HKLM-x32\...\{91B33C97-65E9-BC54-E48F-B5E531F7886F}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.0.0.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
AvsP (HKLM-x32\...\AvsP_is1) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-

585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 -

Microsoft Corporation)
Digieffects Phenomena Particle Effects (HKLM-x32\...

\MAGIX_{B2D05F0A-841B-459F-8D2B-1802DB6449C8})

(Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (Version: 1.0.0.1 -

MAGIX AG) Hidden
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14

-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 -

Runtime Software)
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-

43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition

Master_is1) (Version: - EaseUS)
EPSON TWAIN 5 (HKLM-x32\...\{254BEB3E-1085-4D66-

9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO

EPSON Corp.)
FamilySearch Indexing 3.15.1 (HKLM-x32\...\0591-8077-

9297-0833) (Version: 3.15.1 - FamilySearch)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version:

3.9.0.6 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...

\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version:

2.1.31.0 - MAGIX AG)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-

BC43FB6782C1}_is1) (Version: 2.1.32.905 - Foxit Software

Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version:

7.0.3.916 - Foxit Software Inc.)
Free Audio Converter version 5.0.22.128 (HKLM-x32\...\Free

Audio Converter_is1) (Version: 5.0.22.128 - DVDVideoSoft

Ltd.)
Free DVD Video Converter version 2.0.22.922 (HKLM-x32\...

\Free DVD Video Converter_is1) (Version: 2.0.22.922 -

DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.39.430 (HKLM-x32\...

\Free MP4 Video Converter_is1) (Version: 5.0.39.430 -

DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...

\Free YouTube Download_is1) (Version: 3.2.46.923 -

DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.42.716

(HKLM-x32\...\Free YouTube to MP3 Converter_is1)

(Version: 3.12.42.716 - DVDVideoSoft Ltd.)
GfK ConsumerClient 3.2 (HKLM-x32\...\GfK ConsumerClient_is1) (Version: - GfK Austria)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{A7E7E283-8AB2-3EFE-A3BD-8482F72BAFCF}) (Version: 3.16.0.12200 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HappyFoto-Designer 5.1 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
HDD Guardian 0.6.1 (HKLM-x32\...\{F67EF53C-11BF-4EC8-B025-EC85CABA50B5}) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
HOFER Bestellsoftware 4.12.1 (HKLM-x32\...\HOFER Bestellsoftware) (Version: 4.12.1 - ORWO Net)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
iDRS(tm) OCR Software by I.R.I.S (HKLM-x32\...\iDRS(tm) OCR Software by I.R.I.S) (Version: 1.00.13.00 - Samsung Electronics Co., Ltd.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Livebrush Lite (x32 Version: 1.5 - MoreMeYou) Hidden
LMMS 0.4.10 (HKLM-x32\...\lmms) (Version: 0.4.10 - LMMS Developers)
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
MAGIX Music Maker for MySpace 15.0.1.8 (D) (HKLM-x32\...\MAGIX Music Maker for MySpace D) (Version: 15.0.1.8 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{06A60F3C-B270-42FE-B49E-244657482573}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{F30AE017-6791-43F1-8591-D31EDDDDFF1A}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Demo) (HKLM-x32\...\MAGIX_{FFE3FC8E-1CF2-4E59-B238-20C3F6A50EC2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Demo) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Digieffects Phenomena) (HKLM-x32\...\MAGIX_{6F6BB3DF-C1AA-45A5-9C68-EC9C7D04532C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Digieffects Phenomena) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Filmvorlagen) (HKLM-x32\...\MAGIX_{EC2C6B52-3A9B-496C-AF87-942048549D1B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (HKLM-x32\...\MAGIX_{47E960B1-A285-4D31-87BA-4D2936FC8FF1}) (Version: 12.0.0.32 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (NewBlueFX Video Essentials IV) (HKLM-x32\...\MAGIX_{CAB61998-F4A7-4EB4-9C59-72110F5461C8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (NewBlueFX Video Essentials IV) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Soundtrack Maker-Stile) (HKLM-x32\...\MAGIX_{A13907E8-5967-4B91-9DE5-F63ED4C4A71B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Überblendeffekte) (HKLM-x32\...\MAGIX_{CA701D10-C1B3-4FD1-97B8-2C78EB974CAF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Vasco da Gama 6 HD MAGIX Edition) (HKLM-x32\...\MAGIX_{59A402D7-AD63-4FEF-B5AD-9774AE2DAFE9}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Vasco da Gama 6 HD MAGIX Edition) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Version: 12.0.0.32 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (Video Plugins) (HKLM-x32\...\MAGIX_{D3EF8C39-9E84-4EB0-AD09-0C2FA6E08C8C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Video Plugins) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Plus Sonderedition (HKLM-x32\...\MAGIX_{876C2B35-5C72-4E21-8BAA-67BAE24E35E2}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Plus Sonderedition (x32 Version: 11.0.5.0 - MAGIX AG) Hidden
MAGIX Video deluxe Premium 2013 Update (Version: 12.0.1.4 - MAGIX AG) Hidden
MAGIX Video deluxe Premium 2013 Update (Version: 12.0.3.4 - MAGIX AG) Hidden
MAGIX Video deluxe Premium 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Xtreme Druck Center 5.0.0.7399 (D) (HKLM-x32\...\MAGIX Xtreme Druck Center D) (Version: 5.0.0.7399 - MAGIX AG)
MAGIX Xtreme Web Designer 5 Download-Version 5.0.1.8620 (D) (HKLM-x32\...\MAGIX Xtreme Web Designer 5 Download-Version D) (Version: 5.0.1.8620 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
MoboRobo 2.1.8.215 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.8.215 - MoboRobo Inc.)
Mozilla Firefox 33.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 en-US)) (Version: 33.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 en-US)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
O&O DiskRecovery (HKLM\...\{635436AD-C111-4DD7-B532-F1B162661028}) (Version: 9.0.223 - O&O Software GmbH)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Perfect Effects 8 (HKLM-x32\...\{ABC791C9-E95B-40C8-8BDD-F5E84E2E268B}) (Version: 8.1.0 - onOne Software)
Personal Backup 5.4 (HKLM-x32\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.5 - Ihr Firmenname)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
runtastic Connect Version 1.0.8 (HKLM-x32\...\{55A5F70F-0E08-4894-AA46-3E67E4833E3D}_is1) (Version: 1.0.8 - runtastic GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.25.01 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.36.00 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.03.00 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
ShiftN 4.0 (HKLM-x32\...\ShiftN_is1) (Version: 4.0 - Marcus Hebel)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
TP-LINK Drahtlos Tool (HKLM-x32\...\{B9A431FF-FDB1-40E5-B5F3-215290FD62DE}) (Version: 7.0 - TP-LINK)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.2 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
Vasco da Gama 6 HD MAGIX Edition (HKLM-x32\...\{9432F8D1-09C7-4C78-8F68-B163206698CD}) (Version: 6.50.0000 - MotionStudios)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Video Essentials IV for Magix (HKLM-x32\...\NewBlue Video Essentials IV for Magix) (Version: 3.0 - NewBlue)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wartung Samsung CLX-6220 Series (HKLM-x32\...\Samsung CLX-6220 Series) (Version: - Samsung Electronics Co.,Ltd)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
XnConvert 1.65 (HKLM-x32\...\XnConvert_is1) (Version: 1.65 - Gougelet Pierre-e)
XnView 2.24 (HKLM-x32\...\XnView_is1) (Version: 2.24 - Gougelet Pierre-e)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version: - Christian Taubenheim)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

20-10-2014 18:19:17 Geplanter Prüfpunkt
25-10-2014 06:24:51 Installed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2012-07-06 18:41 - 00000864 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {013508E8-69BE-4825-ACEA-7B9CB3051CDF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {022BB42C-A61A-49CB-855C-478EDDD6E9EF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {3FFBF332-7375-42A4-8E79-8CA808D6F32A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1452134163-409198413-971361212-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4113C7D8-0A71-43AD-93D6-F144BEF33FC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {5FADB0CD-6E74-4B78-866B-145AF2622BA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07] (Google Inc.)
Task: {6BECE35E-F258-47CD-8A22-E6D5862C0453} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2014-10-21] (RealNetworks, Inc.)
Task: {6F5E2E90-0C3B-49E4-8790-33F74561B62B} - System32\Tasks\{0E309762-8DE8-42B8-A4FE-6AEA3FCD9FD0} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1618
Task: {741C1253-C997-4E4F-876D-F71594355C6E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {75FBFB81-B8A3-4B76-A64A-1FE289D38EF8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {818C883B-BE78-4233-A7F8-FEB7BDCB6618} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1452134163-409198413-971361212-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8AE75C2D-A882-4019-96A1-0211A7D87B22} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11] (Oracle Corporation)
Task: {916C458F-A8EC-4706-BEC1-10F46B023214} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29] (Adobe Systems Incorporated)
Task: {96D193A5-CAA5-4FC4-87F5-C252D2CE06A9} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-19] (CHIP)
Task: {99DC05B6-E7C7-404C-8714-60FAE671707F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07] (Google Inc.)
Task: {9B4F27EB-CB2E-4CC5-A34B-06F1162F1BAE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1452134163-409198413-971361212-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D8B2D828-D183-480E-9749-B2AC63A87FD4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {E372E1BE-A008-40A3-91C6-EF571E11365A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-10-28] (Glarysoft Ltd)
Task: {E49DE805-4A8D-4728-843D-CE7A757E2C87} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1452134163-409198413-971361212-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EFD06B77-4DA0-4B21-A408-353B0A4D69FB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {F1E228D3-411C-49A6-BFF9-9E02B4E03598} - System32\Tasks\Google Updater and Installer => C:\Users\Ernst\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {F426C84B-4070-4CE6-8EAF-C92546F26A0C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-10-28] (Glarysoft Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-06 18:24 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-03 20:08 - 2000-01-01 01:00 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2014-03-03 19:17 - 2000-01-01 01:00 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2009-11-13 03:40 - 2009-11-13 03:40 - 00027648 _____ () C:\Windows\System32\ssy2cl6.dll
2014-09-21 07:09 - 2014-09-11 07:06 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2014-10-15 12:37 - 2014-10-15 12:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:03 - 2014-10-15 13:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:04 - 2014-10-15 13:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:03 - 2014-10-15 13:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2013-08-02 13:31 - 2014-07-31 15:51 - 00072184 _____ () C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-08-02 13:31 - 2014-07-31 15:54 - 00941632 _____ () C:\Program Files (x86)\Moborobo\DriverInstall.dll
2014-07-06 06:31 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-06 06:31 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-06 06:31 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-06 06:31 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-06 06:31 - 2012-04-03 16:06 - 00565640 _____ ()

C:\Program Files (x86)\Spybot - Search & Destroy 2\av

\BDSmartDB.dll
2014-10-28 03:07 - 2014-10-28 03:07 - 00080160 _____ ()

C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ ()

C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ ()

C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ ()

C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ ()

C:\Program Files (x86)\Common Files\microsoft shared

\OFFICE14\Cultures\OFFICE.ODF
2014-10-17 14:49 - 2014-10-10 03:03 - 01042760 _____ ()

C:\Program Files (x86)\Google\Chrome\Application

\38.0.2125.104\libglesv2.dll
2014-10-17 14:49 - 2014-10-10 03:03 - 00211272 _____ ()

C:\Program Files (x86)\Google\Chrome\Application

\38.0.2125.104\libegl.dll
2014-10-17 14:49 - 2014-10-10 03:04 - 08910664 _____ ()

C:\Program Files (x86)\Google\Chrome\Application

\38.0.2125.104\pdf.dll
2014-10-17 14:49 - 2014-10-10 03:03 - 01681224 _____ ()

C:\Program Files (x86)\Google\Chrome\Application

\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted)

=========

(If an entry is included in the fixlist, only the Alternate Data

Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:E8BE05FA
AlternateDataStreams: C:\Users\Ernst

\Downloads:Shareaza.GUID
AlternateDataStreams: C:\Users\Ernst\Documents\1.doc:

{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Ernst\Documents\Platz

01.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Ernst\Documents\Platz 02

Gumpenberger Robert - Reifrose.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Ernst\Documents\Platz 03

Gumpenberger Robert - Watzmann von

Andiesen.JPG:com.dropbox.attributes

==================== Safe Mode (whitelisted)

===================

(If an item is included in the fixlist, it will be removed from the

registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted)

=============

(If an entry is included in the fixlist, the default will be restored.

None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER

disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files

(x86)\Common Files\Apple\Apple Application Support

\APSDaemon.exe"




MSCONFIG\startupreg: Family Tree Builder Update => C:

\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe






MSCONFIG\startupreg: KiesAirMessage => C:\Program Files

(x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files

(x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files

(x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files

(x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files

(x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users

\Ernst\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files

(x86)\ZTE Join Air\UIExec.exe"





========================= Accounts:

==========================

Administrator (S-1-5-21-1452134163-409198413-

971361212-500 - Administrator - Disabled)
Ernst (S-1-5-21-1452134163-409198413-971361212-1000 -

Administrator - Enabled) => C:\Users\Ernst
Gast (S-1-5-21-1452134163-409198413-971361212-501 -

Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1452134163-409198413-

971361212-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices

=============


==================== Event log errors:

=========================

Application errors:
==================
Error: (10/29/2014 07:05:31 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA

BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel:

0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version:

6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x1718
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER

Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update

Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update

Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (10/29/2014 07:00:57 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2014 05:10:42 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA

BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel:

0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version:

6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xb74
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER

Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update

Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update

Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (10/28/2014 05:07:12 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2014 04:29:38 PM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2014 04:43:45 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA

BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel:

0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version:

6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x17ec
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER

Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update

Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update

Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (10/27/2014 04:39:51 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 08:53:50 PM) (Source: Windows Backup)

(EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers

beim Schreiben am Sicherungsspeicherort "S:\" nicht

abgeschlossen. Fehler: "Der Sicherungsort wurde nicht

gefunden oder ist ungültig. Überprüfen Sie die

Sicherungseinstellungen und den Sicherungsort.

(0x81000006)"

Error: (10/26/2014 08:45:20 PM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 07:06:11 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA

BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel:

0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version:

6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xc74
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER

Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update

Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update

Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3


System errors:
=============
Error: (10/29/2014 07:01:35 AM) (Source: Service Control

Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder

Systemstarttreiber ist fehlgeschlagen:
StarOpen
UimBus
Uim_IM
Uim_VIM

Error: (10/29/2014 07:01:20 AM) (Source: Service Control

Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim

Verbindungsversuch mit dem Dienst Avira Service Host

erreicht.

Error: (10/29/2014 07:00:24 AM) (Source: Microsoft-

Windows-BitLocker-Driver) (EventID: 24620) (User: NT-

AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die

Volumeinformationen auf "\\?\Volume{a2f5cffb-c78d-11e1-

a6b4-806e6f6e6963}" können nicht gelesen werden.

Error: (10/29/2014 07:00:24 AM) (Source: Microsoft-

Windows-BitLocker-Driver) (EventID: 24620) (User: NT-

AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die

Volumeinformationen auf "\\?\Volume{dfbb2773-ccde-11e1-

a00a-806e6f6e6963}" können nicht gelesen werden.

Error: (10/29/2014 07:00:13 AM) (Source: Application Popup)

(EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System

wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht

geladen. Wenden Sie sich an den Softwarehersteller, um eine

kompatible Version des Treibers zu erhalten.

Error: (10/28/2014 05:08:12 AM) (Source: Service Control

Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder

Systemstarttreiber ist fehlgeschlagen:
StarOpen
UimBus
Uim_IM
Uim_VIM

Error: (10/28/2014 05:05:38 AM) (Source: Microsoft-

Windows-BitLocker-Driver) (EventID: 24620) (User: NT-

AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die

Volumeinformationen auf "\\?\Volume{a2f5cffb-c78d-11e1-

a6b4-806e6f6e6963}" können nicht gelesen werden.

Error: (10/28/2014 05:05:38 AM) (Source: Microsoft-

Windows-BitLocker-Driver) (EventID: 24620) (User: NT-

AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die

Volumeinformationen auf "\\?\Volume{dfbb2773-ccde-11e1-

a00a-806e6f6e6963}" können nicht gelesen werden.

Error: (10/28/2014 05:05:15 AM) (Source: Application Popup)

(EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System

wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht

geladen. Wenden Sie sich an den Softwarehersteller, um eine

kompatible Version des Treibers zu erhalten.

Error: (10/27/2014 04:30:57 PM) (Source: Service Control

Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder

Systemstarttreiber ist fehlgeschlagen:
StarOpen
UimBus
Uim_IM
Uim_VIM


Microsoft Office Sessions:
=========================
Error: (10/29/2014 07:05:31 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: DATA BECKER Update

Service.exe0.0.4.14d89246bntdll.dll6.1.7601.18247521ea8e7

c0000374000ce753171801cff33e56b28388C:\Program Files

(x86)\Common Files\DATA BECKER Shared\DATA BECKER

Update Service.exeC:\Windows

\SysWOW64\ntdll.dll962689e9-5f31-11e4-9581-

50e549d64120

Error: (10/29/2014 07:00:57 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2014 05:10:42 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: DATA BECKER Update

Service.exe0.0.4.14d89246bntdll.dll6.1.7601.18247521ea8e7

c0000374000ce753b7401cff26521d07720C:\Program Files

(x86)\Common Files\DATA BECKER Shared\DATA BECKER

Update Service.exeC:\Windows

\SysWOW64\ntdll.dll61566c78-5e58-11e4-8245-

50e549d64120

Error: (10/28/2014 05:07:12 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2014 04:29:38 PM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2014 04:43:45 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: DATA BECKER Update

Service.exe0.0.4.14d89246bntdll.dll6.1.7601.18247521ea8e7

c0000374000ce75317ec01cff198344576b7C:\Program Files

(x86)\Common Files\DATA BECKER Shared\DATA BECKER

Update Service.exeC:\Windows

\SysWOW64\ntdll.dll733ce0dd-5d8b-11e4-a45b-

50e549d64120

Error: (10/27/2014 04:39:51 AM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 08:53:50 PM) (Source: Windows Backup)

(EventID: 4103) (User: )
Description: S:\Der Sicherungsort wurde nicht gefunden oder

ist ungültig. Überprüfen Sie die Sicherungseinstellungen und

den Sicherungsort. (0x81000006)

Error: (10/26/2014 08:45:20 PM) (Source: WinMgmt)

(EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM

__InstanceModificationEvent WITHIN 60 WHERE

TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 07:06:11 AM) (Source: Application Error)

(EventID: 1000) (User: )
Description: DATA BECKER Update

Service.exe0.0.4.14d89246bntdll.dll6.1.7601.18247521ea8e7

c0000374000ce753c7401cff0e2ef0162fbC:\Program Files

(x86)\Common Files\DATA BECKER Shared\DATA BECKER

Update Service.exeC:\Windows\SysWOW64\ntdll.dll2e76f610

-5cd6-11e4-96bd-50e549d64120


CodeIntegrity Errors:
===================================
Date: 2014-10-11 09:26:02.266
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:26:02.163
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:56.400
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:56.300
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:21.066
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:20.966
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:15.574
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:25:15.474
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:24:25.794
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-11 09:24:25.674
Description: Windows konnte die Abbildintegrität der Datei

"\Device\HarddiskVolume2\Program Files (x86)\Moborobo

\MoboroboAssDriver.sys" nicht überprüfen, weil der

Dateihash nicht im System gefunden wurde. Möglicherweise

wurde durch eine kürzlich durchgeführte Hardware- oder

Softwareänderung eine falsch signierte oder beschädigte

Datei oder eine Datei, bei der es sich um schädliche Software

aus einer unbekannten Quelle handelt, installiert.


==================== Memory info

===========================

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 34%
Total physical RAM: 8175.24 MB
Available physical RAM: 5374.69 MB
Total Pagefile: 16348.66 MB
Available Pagefile: 12996.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives

================================

Drive c: (Windows) (Fixed) (Total:465.46 GB) (Free:33.6 GB)

NTFS
Drive i: (Windows) (Fixed) (Total:94.14 GB) (Free:37.34 GB)

NTFS

==================== MBR & Partition Table

==================

================================================

========
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk

ID: 1C3101F6)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.5 GB) - (Type=07 NTFS)

================================================

========
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk

ID: 04B6B96D)
Partition 1: (Not Active) - (Size=17.6 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=94.1 GB) - (Type=07 NTFS)

==================== End Of Log

============================
__________________
Live in the present, shape the future,
you can no longer change the past.

29.10.2014, 19:38   #8
schrauber
/// the machine
/// TB trainer

Here's how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

And turn off WordWrap in your editor. The log is unreadable.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
