| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "bat=exe" Fehlermeldungen bei Windows 7 StartWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
22.08.2014, 13:36
| #1 |
 |  "bat=exe" Fehlermeldungen bei Windows 7 Start Hallo Leute, ein Laptop von einen bekannten bekommt beim Starten ca 15 cmd Fenster und die Fehlermeldung: "bat=exe" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang" Dieses kann man dann ca 15x mit OK Bestätigen und dann kann man den PC nutzen. System inst Windows 7 64 Bit. Eine Systemwiederherstellung von Windows war ohne Erfolg, selbst 1 Monat in der Vergangenheit behebt das Problem nicht. Was kann ich tun? # FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Manni (administrator) on LAPPI-MANNI on 22-08-2014 14:52:25
Running from C:\Users\Manni\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM-x32\...\Run: [fst_de_82] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-24] (Hewlett-Packard)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [ISUSPM Startup] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [PriceMeterW] => "C:\Users\Manni\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: {0f29d6a1-9c88-11e0-ae2c-c80aa93671f0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: {b1e45b6b-1b28-11e1-ba22-c80aa93671f0} - G:\iStudio.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tmpl=8&tb_id=60368
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?tmpl=8&TbId=60368
URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
URLSearchHook: HKCU - Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10053&barid={EC832BE0-0DA5-11E3-9493-C80AA93671F0}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5E7FF07BCB37C353&affID=119557&tsp=4962
SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP76F65E04-BF3E-4CAD-B520-C67C175B67EE&q={searchTerms}&SSPV=
SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid={EC832BE0-0DA5-11E3-9493-C80AA93671F0}&crg=3.5000006.10053&st=23
BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110511951199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll No File
BHO: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho64.dll (Cinema Plus)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll (Cinema Plus)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} -> No File
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: PricePeep -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> C:\Program Files (x86)\PricePeep\pricepeep.dll No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: qone8
FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cinema-Plus-1.2 - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-11]
FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\z0xngxin.default\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google Search) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Boost) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn [2014-07-04]
CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10]
CHR Extension: (No Name) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-11-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07]
CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-10] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-10] (globalUpdate) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]
S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X]
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [61112 2014-07-04] (StdLib)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-22 14:52 - 2014-08-22 14:52 - 00033033 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 13:30 - 2014-08-22 14:52 - 00000000 ____D () C:\FRST
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-24 13:12 - 2014-07-25 16:22 - 00000000 ____D () C:\Users\Manni\martin
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\SSScanAppDataDir
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\MSScanAppDataDir
2014-07-23 11:00 - 2014-07-23 11:00 - 00001140 _____ () C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk
2014-07-23 10:52 - 2014-07-30 09:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-22 14:52 - 2014-08-22 14:52 - 00033033 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:52 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST
2014-08-22 14:52 - 2009-07-14 06:51 - 01005075 _____ () C:\Windows\setupact.log
2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 14:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-22 14:43 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-22 14:38 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D}
2014-08-22 14:22 - 2010-03-18 02:27 - 01486302 _____ () C:\Windows\WindowsUpdate.log
2014-08-22 14:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-22 14:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-22 14:13 - 2014-07-10 21:44 - 00001460 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user.job
2014-08-22 14:13 - 2014-07-10 21:44 - 00001442 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.job
2014-08-22 14:13 - 2014-07-10 21:43 - 00001562 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1.job
2014-08-22 14:13 - 2014-07-10 21:43 - 00001360 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.job
2014-08-22 14:13 - 2014-07-10 21:42 - 00002202 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.job
2014-08-22 14:13 - 2014-07-04 15:36 - 00000934 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-22 14:13 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-22 14:13 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-22 14:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 12:41 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-22 12:41 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni
2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-08-22 12:39 - 2014-07-04 15:31 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-08-22 12:39 - 2014-05-30 17:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394
2014-08-22 12:38 - 2011-01-14 13:10 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte
2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln
2014-08-14 22:49 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ
2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp
2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP
2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP
2014-07-31 15:47 - 2014-07-10 21:42 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit
2014-07-29 19:48 - 2010-03-18 02:29 - 02143880 _____ () C:\Windows\PFRO.log
2014-07-25 17:58 - 2011-07-07 08:44 - 00000000 ____D () C:\Users\Manni\Aktuell
2014-07-25 16:22 - 2014-07-24 13:12 - 00000000 ____D () C:\Users\Manni\martin
2014-07-25 07:23 - 2014-07-04 16:10 - 00000000 ____D () C:\ProgramData\374311380
2014-07-24 22:35 - 2014-06-19 16:49 - 00000000 ____D () C:\Users\Manni\Desktop\Neuer Ordner
2014-07-24 22:35 - 2011-08-28 16:09 - 01024000 ___SH () C:\Users\Manni\Desktop\Thumbs.db
2014-07-24 22:28 - 2013-03-14 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 22:28 - 2009-11-14 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 22:12 - 2013-03-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 08:05 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\SSScanAppDataDir
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\MSScanAppDataDir
2014-07-23 11:00 - 2014-07-23 11:00 - 00001140 _____ () C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk
Some content of TEMP:
====================
C:\Users\Manni\AppData\Local\Temp\nsc986.exe
C:\Users\Manni\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-02-25 16:11
==================== End Of Log ============================
--- --- --- #FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-22 14:56:04
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version: - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
01-08-2014 10:46:54 Windows Update
10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-07-05 15:53 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 d3oxij66pru1i3.cloudfront.net
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1B68DDFB-4D08-408E-AD58-0DC7C1D78011} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe [2014-07-10] (Cinema Plus)
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {279301D3-A9FB-46A0-9214-C747CF76545D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-10] (globalUpdate)
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {45036BD0-3DA5-4574-8854-1F68E4F2598E} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe [2014-07-10] (Cinema Plus)
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {57637382-1B1F-45D2-A198-2540635520E6} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe [2014-07-10] (Cinema Plus)
Task: {59FF3560-52B4-4010-9A5C-9EB85C868435} - System32\Tasks\pricemeterdownloader => C:\Users\Manni\AppData\Local\PriceMeter\pricemeterd.exe
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {802A4CBD-8C34-409E-A27A-7BB66BCB8968} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-10] (globalUpdate)
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {A4858354-CF83-4B64-8334-AD10685C8292} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe [2014-07-10] (Cinema Plus)
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B0440841-1685-43F0-BDFE-0EE014FCF809} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {B4F95A3E-4981-4D61-A7B3-AB7861AD9E9F} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1 => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe [2014-07-10] (Cinema Plus)
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1.job => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/22/2014 02:15:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (08/22/2014 01:36:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 21.8.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1398
Startzeit: 01cfbdfc72054406
Endzeit: 60
Anwendungspfad: C:\Users\Manni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UBWI1AG\FRST64.exe
Berichts-ID: 7f004efe-29f0-11e4-ab33-c80aa93671f0
Error: (08/22/2014 08:33:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 724
Startzeit: 01cfbb66d70faea7
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 32bfbbd7-29c6-11e4-b029-c80aa93671f0
Error: (08/18/2014 09:44:39 AM) (Source: globalUpdate Update) (EventID: 1) (User: NT-AUTORITÄT)
Description: globalUpdate Update has encountered a fatal error.
ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\98bc82b4-87da-4853-9b79-5cb43f836e8c.dmp
Error: (08/16/2014 11:34:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm cmd.exe, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b3c
Startzeit: 01cfb9344f38d8a6
Endzeit: 312
Anwendungspfad: C:\Windows\SYSTEM32\cmd.exe
Berichts-ID: 75ce7901-2528-11e4-9698-c80aa93671f0
Error: (08/16/2014 11:29:46 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (08/15/2014 10:05:29 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (08/13/2014 04:25:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {16cbb024-e2c8-4a7a-87f8-21379c840df4}
Error: (08/10/2014 08:49:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17207, Zeitstempel: 0x53a20c50
Name des fehlerhaften Moduls: Cinema-Plus-1.2-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53bdbd1d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02eda65c
ID des fehlerhaften Prozesses: 0xb14
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (08/07/2014 11:09:21 AM) (Source: globalUpdate Update) (EventID: 1) (User: NT-AUTORITÄT)
Description: globalUpdate Update has encountered a fatal error.
ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\968cb9e4-9e11-41b8-aeca-d49e436a0676.dmp
System errors:
=============
Error: (08/22/2014 02:13:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx64
SRTSP
Error: (08/22/2014 02:13:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update findopolis" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/22/2014 02:12:55 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (08/22/2014 02:12:38 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
Error: (08/22/2014 01:20:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (08/22/2014 01:19:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (08/22/2014 01:16:03 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (08/22/2014 00:41:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx64
SRTSP
Error: (08/22/2014 00:41:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update findopolis" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/22/2014 00:41:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.
Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-08-22 14:52:21.161
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 14:39:16.298
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 14:24:54.170
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 12:08:41.049
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-19 07:22:24.312
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-17 08:17:50.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-16 11:38:13.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-15 10:32:30.832
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-14 12:38:46.136
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-13 15:28:27.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 70%
Total physical RAM: 1788.2 MB
Available physical RAM: 525.07 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1601.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:219.13 GB) (Free:143.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End Of Log ============================
Geändert von 0815Horst (22.08.2014 um 13:58 Uhr) |
|
22.08.2014, 16:49
| #2 |
| /// TB-Ausbilder   | "bat=exe" Fehlermeldungen bei Windows 7 Start Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Da gibt es viel zu tun... wir beginnen erst mal so: Scan mit Combofix
|
|
23.08.2014, 10:39
| #3 |
| | "bat=exe" Fehlermeldungen bei Windows 7 Start Hallo Matthias,
__________________hier ist Norton 360 online drauf. Habe es einfach nciht deaktiviert bekommen. Leider gab Google auch keine Hilfe. Habe es durchlaufen lassen trotz Norton: Code:
ATTFilter ComboFix 14-08-21.01 - Manni 23.08.2014 11:07:31.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1788.432 [GMT 2:00]
ausgeführt von:: c:\users\Manni\Desktop\ComboFix.exe
AV: Norton 360 Online *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton 360 Online *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton 360 Online *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Cinema-Plus-1.2
c:\program files (x86)\Cinema-Plus-1.2\1293297481.mxaddon
c:\program files (x86)\Cinema-Plus-1.2\360-60548.crx
c:\program files (x86)\Cinema-Plus-1.2\60548.crx
c:\program files (x86)\Cinema-Plus-1.2\60548.xpi
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4.crx
c:\program files (x86)\Cinema-Plus-1.2\background.html
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho64.dll
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2.ico
c:\program files (x86)\Cinema-Plus-1.2\Uninstall.exe
c:\programdata\374311380
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-07-23 bis 2014-08-23 ))))))))))))))))))))))))))))))
.
.
2014-08-23 09:21 . 2014-08-23 09:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-23 09:01 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-23 09:01 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-23 09:01 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-23 09:01 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-23 09:00 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-23 09:00 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-23 09:00 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-23 09:00 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-08-22 13:01 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-22 13:01 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-22 13:01 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-22 13:01 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-22 13:01 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-22 13:01 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-22 13:01 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-22 13:01 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-22 11:53 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-22 11:53 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-22 11:53 . 2014-06-03 10:02 3241984 ----a-w- c:\windows\system32\msi.dll
2014-08-22 11:53 . 2014-06-03 10:02 1941504 ----a-w- c:\windows\system32\authui.dll
2014-08-22 11:53 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\SysWow64\msi.dll
2014-08-22 11:53 . 2014-06-03 10:02 112064 ----a-w- c:\windows\system32\consent.exe
2014-08-22 11:53 . 2014-06-03 10:02 504320 ----a-w- c:\windows\system32\msihnd.dll
2014-08-22 11:53 . 2014-06-03 09:29 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-08-22 11:53 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2014-08-22 11:52 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-22 11:42 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-22 11:42 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-22 11:39 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-22 11:39 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-22 11:32 . 2014-08-22 11:32 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-08-22 11:30 . 2014-08-22 12:57 -------- d-----w- C:\FRST
2014-07-24 11:12 . 2014-07-25 14:22 -------- d-----w- c:\users\Manni\martin
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-22 13:08 . 2010-11-02 12:53 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-07-11 01:02 . 2014-07-19 12:44 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-09 07:13 . 2012-05-31 16:05 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 07:13 . 2011-09-26 08:08 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-07 13:09 . 2014-07-07 13:09 267 ----a-w- c:\users\Manni\AppData\Local\psbwfitn.bat
2014-07-07 13:07 . 2014-07-07 13:07 267 ----a-w- c:\users\Manni\AppData\Local\vvlltc.bat
2014-07-07 13:05 . 2014-07-07 13:05 267 ----a-w- c:\users\Manni\AppData\Local\bcidpkfz.bat
2014-07-07 13:03 . 2014-07-07 13:03 267 ----a-w- c:\users\Manni\AppData\Local\ckcqenf.bat
2014-07-07 13:01 . 2014-07-07 13:01 267 ----a-w- c:\users\Manni\AppData\Local\euldbj.bat
2014-07-07 08:54 . 2014-07-07 08:54 267 ----a-w- c:\users\Manni\AppData\Local\koswc.bat
2014-07-07 08:52 . 2014-07-07 08:52 267 ----a-w- c:\users\Manni\AppData\Local\dultkbj.bat
2014-07-07 08:50 . 2014-07-07 08:50 267 ----a-w- c:\users\Manni\AppData\Local\thlxdj.bat
2014-07-07 08:48 . 2014-07-07 08:48 267 ----a-w- c:\users\Manni\AppData\Local\zercimy.bat
2014-07-07 08:43 . 2014-07-07 08:43 267 ----a-w- c:\users\Manni\AppData\Local\kfuync.bat
2014-07-07 08:41 . 2014-07-07 08:41 267 ----a-w- c:\users\Manni\AppData\Local\rwbfjosw.bat
2014-07-07 08:39 . 2014-07-07 08:39 267 ----a-w- c:\users\Manni\AppData\Local\kawlb.bat
2014-07-07 08:37 . 2014-07-07 08:37 267 ----a-w- c:\users\Manni\AppData\Local\vckzyho.bat
2014-07-07 08:35 . 2014-07-07 08:35 267 ----a-w- c:\users\Manni\AppData\Local\atviuwjb.bat
2014-07-07 08:33 . 2014-07-07 08:33 267 ----a-w- c:\users\Manni\AppData\Local\cocwrgcn.bat
2014-07-07 08:31 . 2014-07-07 08:31 267 ----a-w- c:\users\Manni\AppData\Local\yrdwpbam.bat
2014-07-07 08:29 . 2014-07-07 08:29 267 ----a-w- c:\users\Manni\AppData\Local\jfcyuqn.bat
2014-07-07 08:27 . 2014-07-07 08:27 267 ----a-w- c:\users\Manni\AppData\Local\cfaefde.bat
2014-07-07 08:25 . 2014-07-07 08:25 267 ----a-w- c:\users\Manni\AppData\Local\hcuojdw.bat
2014-07-07 08:23 . 2014-07-07 08:23 267 ----a-w- c:\users\Manni\AppData\Local\sxbadc.bat
2014-07-07 08:21 . 2014-07-07 08:21 267 ----a-w- c:\users\Manni\AppData\Local\numss.bat
2014-07-07 08:19 . 2014-07-07 08:19 267 ----a-w- c:\users\Manni\AppData\Local\cnaob.bat
2014-07-07 08:17 . 2014-07-07 08:17 267 ----a-w- c:\users\Manni\AppData\Local\cxmbwla.bat
2014-07-07 08:14 . 2014-07-07 08:14 267 ----a-w- c:\users\Manni\AppData\Local\ttahnlby.bat
2014-07-07 08:12 . 2014-07-07 08:12 267 ----a-w- c:\users\Manni\AppData\Local\cncwr.bat
2014-07-07 08:10 . 2014-07-07 08:10 267 ----a-w- c:\users\Manni\AppData\Local\tbhutb.bat
2014-07-07 08:08 . 2014-07-07 08:08 267 ----a-w- c:\users\Manni\AppData\Local\hxjbtn.bat
2014-07-04 07:42 . 2014-07-05 15:03 61112 ----a-w- c:\windows\system32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
2014-06-18 02:18 . 2014-07-09 21:05 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 21:05 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-09 21:05 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-06-12 19:05 . 2014-06-12 19:05 46376 ----a-w- c:\windows\system32\drivers\netfilter64.sys
2014-06-06 10:10 . 2014-07-09 21:05 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 21:05 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 21:01 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 21:01 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 21:01 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 21:05 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 21:05 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 21:05 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 21:05 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 21:05 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 21:05 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 21:05 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 21:05 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 21:05 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 21:05 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 21:05 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 21:05 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 21:05 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 21:05 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 21:05 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-05-08 10:52 513648 ----a-w- c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"T-Home Dialerschutz-Software"="c:\program files (x86)\T-Home\Dialerschutz-Software\Defender64.exe" [2010-03-29 1974408]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-29 1258504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Hardcopy.LNK - c:\program files (x86)\Hardcopy\hardcopy.exe [2011-3-1 1727488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 Update findopolis;Update findopolis;c:\program files (x86)\findopolis\updatefindopolis.exe;c:\program files (x86)\findopolis\updatefindopolis.exe [x]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 DFSYS;T-Home Dialerschutz Hooking Treiber;c:\program files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS;c:\program files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TridVid;Video Grabber;c:\windows\system32\DRIVERS\TridVid6010.sys;c:\windows\SYSNATIVE\DRIVERS\TridVid6010.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMEFA64.SYS [x]
S1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64;{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64;c:\windows\system32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys;c:\windows\SYSNATIVE\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1504000.00D\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DFSVC;T-Home Dialerschutz Dienst;c:\program files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe;c:\program files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SipIMNDI;T-Home Dialerschutz VoIP Service;c:\windows\system32\DRIVERS\SipIMNDI64.sys;c:\windows\SYSNATIVE\DRIVERS\SipIMNDI64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 07:13]
.
2014-08-23 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 19:41]
.
2014-08-22 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 19:41]
.
2014-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 16:33]
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 16:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-14 171520]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://rocket-find.com/?f=1&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
mDefault_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
mStart Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
mSearchAssistant = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
mCustomizeSearch = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\
FF - prefs.js: browser.search.selectedEngine - qone8
FF - prefs.js: browser.startup.homepage - hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110611051148} - c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll
BHO-{990af1c2-5a27-4460-8149-ecc6bc122af3} - (no file)
BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll
Wow6432Node-HKCU-Run-ISUSPM Startup - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
Wow6432Node-HKCU-Run-PriceMeterW - c:\users\Manni\AppData\Local\PriceMeter\pricemeterw.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKLM-Run-fst_de_82 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110511951199} - c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Cinema-Plus-1.2 - c:\program files (x86)\Cinema-Plus-1.2\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.4.0.13;c:\program files (x86)\Norton 360\Engine64\21.4.0.13"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-23 11:32:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-08-23 09:32
.
Vor Suchlauf: 15 Verzeichnis(se), 153.922.609.152 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 152.938.594.304 Bytes frei
.
- - End Of File - - 6021D38AED0227187B96FE6147BDD99C
4576B765DFBA06B1E3EDDD7B983B8768
|
|
23.08.2014, 12:37
| #4 |
| /// TB-Ausbilder | "bat=exe" Fehlermeldungen bei Windows 7 Start Servus, ok, gut gemacht.  So geht es weiter: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
25.08.2014, 11:10
| #5 |
| | "bat=exe" Fehlermeldungen bei Windows 7 Start Hallo, so dann will ich mal die ganzen log posten  Code:
ATTFilter # AdwCleaner v3.308 - Bericht erstellt am 25/08/2014 um 09:32:55
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Manni - LAPPI-MANNI
# Gestartet von : C:\Users\Manni\Desktop\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : IePluginServices
[#] Dienst Gelöscht : Web Assistant Updater
Dienst Gelöscht : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Inbox Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Program Files\SupraSavings
Ordner Gelöscht : C:\Users\Manni\AppData\Local\cool_mirage
Ordner Gelöscht : C:\Users\Manni\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Manni\AppData\Local\PriceMeter
Ordner Gelöscht : C:\Users\Manni\AppData\Local\WeatherAlerts
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Genesis_07101933
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Inbox Toolbar
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Manni\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\z0xngxin.default\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\drivers\netfilter64.sys
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
Datei Gelöscht : C:\Users\Manni\daemonprocess.txt
Datei Gelöscht : C:\Users\Manni\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk
Datei Gelöscht : C:\Users\Manni\Desktop\eBay.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
Datei Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : Optimizer Pro Schedule
Task Gelöscht : pricemeterdownloader
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SOFTWARE\5e53d98fb36ae846
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724407
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611051148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Inbox Toolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\SoftwareUpdater
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PricePeep
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\suprasavings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\FrEeSoFtOdAy
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Inbox Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\qone8Software
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsProtectManger
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Updater By Sweetpacks
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "qone8");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "qone8");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX");
Zeile gelöscht : user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthropologie.com%2[...]
Zeile gelöscht : user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls%22[...]
Zeile gelöscht : user_pref("extensions.ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548.60548.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.aff8065806db34c09ba06d6caf0e991728453cb257fef4ed58934b08be5605617com59599.59599.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1471b4108ab545aaa48fb3ba4aff9dd9");
-\\ Google Chrome v
[ Datei : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [43912 octets] - [25/08/2014 09:28:57]
AdwCleaner[S0].txt - [39415 octets] - [25/08/2014 09:32:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39476 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Manni on 25.08.2014 at 11:01:03,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\web assistant
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Manni\AppData\Roaming\mozilla\firefox\profiles\380272r2.default-1404892408515\prefs.js
user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dea
user_pref("extensions.aff8065806db34c09ba06d6caf0e991728453cb257fef4ed58934b08be5605617com59599.59599.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
Emptied folder: C:\Users\Manni\AppData\Roaming\mozilla\firefox\profiles\380272r2.default-1404892408515\minidumps [12 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.08.2014 at 11:38:37,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.08.2014 Suchlauf-Zeit: 09:50:32 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.03.04.09 Rootkit Datenbank: v2014.02.20.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Manni Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 269445 Verstrichene Zeit: 36 Min, 17 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 5 PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\CLASSES\Inbox.WS.com IE Toolbar, In Quarantäne, [89c04bb495e580b63511e88d5ea40ff1], PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Inbox.WS.com IE Toolbar, In Quarantäne, [a7a2f40b72086bcbec5ad0a58f730ff1], PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [2a1f748b49314aec02f0a50c21e23ec2], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511951199}, In Quarantäne, [4702f609dd9de74f33ce71c1d232b947], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511951199}, In Quarantäne, [4702f609dd9de74f33ce71c1d232b947], Registrierungswerte: 1 PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, In Quarantäne, [2a1f748b49314aec02f0a50c21e23ec2] Registrierungsdaten: 0 (No malicious items detected) Ordner: 2 PUP.Optional.HDStreamer, C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb, In Quarantäne, [54f5ad52a1d982b44f25cdbce81a07f9], PUP.Optional.WhiteSmoke.A, C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj, In Quarantäne, [5dec08f784f69b9b3636ef9c8a7809f7], Dateien: 10 PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\google-chrome (1).exe, In Quarantäne, [d673ee110674c1755e276cdaef12946c], PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\google-chrome.exe, In Quarantäne, [f95035cabebcaf87dea7ba8c9a673fc1], PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (1).exe, In Quarantäne, [cb7ea857a3d79f97582d0e3856ab629e], PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (2).exe, In Quarantäne, [41083fc0d6a4da5cd8adde68748dbf41], PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (3).exe, In Quarantäne, [d07917e893e7b680cabb0e38010011ef], PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\Setup (4).exe, In Quarantäne, [c188c23d93e768ce731f8fc106fb7987], PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\setup (5).exe, In Quarantäne, [6adf7f804c2e092d8210f858ee1343bd], PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\setup (6).exe, In Quarantäne, [cb7eb7482a504aec454dcc84c93810f0], PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup.exe, In Quarantäne, [381157a85624c96d83024bfb1fe29769], PUP.Optional.JumpyApps.A, C:\Users\Manni\Downloads\zipextractorsetup.exe, In Quarantäne, [4dfc5aa54e2cae88f0fbf826f70db44c], Physische Sektoren: 0 (No malicious items detected) (end) |
|
25.08.2014, 11:14
| #6 |
| | "bat=exe" Fehlermeldungen bei Windows 7 StartFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014 Ran by Manni (administrator) on LAPPI-MANNI on 25-08-2014 11:40:28 Running from C:\Users\Manni\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe (T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498 BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} -> No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Cinema-Plus-1.2c - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\caseyvelez@aol.com [2014-08-23] FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR HomePage: CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16] CHR Extension: (Google-Suche) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16] CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10] CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07] CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (Google Mail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed] R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed] R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.) R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X] S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation) R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation) R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH) S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt 2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-25 10:58 - 2014-08-25 10:59 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe 2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt 2014-08-25 09:49 - 2014-08-25 10:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-25 09:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-25 09:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-25 09:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-25 09:42 - 2014-08-25 09:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt 2014-08-25 09:28 - 2014-08-25 09:34 - 00000000 ____D () C:\AdwCleaner 2014-08-25 09:26 - 2014-08-25 09:27 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe 2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt 2014-08-23 11:01 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-23 11:01 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-23 11:01 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-23 11:01 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-23 11:01 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-23 11:01 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-23 11:01 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-23 11:01 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-23 11:01 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-23 11:01 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-23 11:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-23 11:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-23 11:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-23 11:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-22 18:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-22 18:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-22 18:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-22 18:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-22 18:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-22 18:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-22 18:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-22 18:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-22 18:22 - 2014-08-23 11:32 - 00000000 ____D () C:\Qoobox 2014-08-22 18:20 - 2014-08-23 11:29 - 00000000 ____D () C:\Windows\erdnt 2014-08-22 18:15 - 2014-08-22 18:14 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe 2014-08-22 18:13 - 2014-08-22 18:14 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe 2014-08-22 15:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-22 15:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-22 15:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-22 15:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-22 15:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-22 15:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-22 15:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-22 15:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-22 14:56 - 2014-08-22 14:57 - 00049858 _____ () C:\Users\Manni\Desktop\Addition.txt 2014-08-22 14:52 - 2014-08-25 11:41 - 00022389 _____ () C:\Users\Manni\Desktop\FRST.txt 2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt 2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe 2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-22 13:53 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-22 13:53 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-22 13:53 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-22 13:53 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-22 13:53 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-22 13:53 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-22 13:53 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-22 13:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-22 13:45 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-22 13:45 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-22 13:45 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-22 13:45 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-22 13:45 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-22 13:45 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-22 13:45 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-22 13:45 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-22 13:45 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-22 13:45 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-22 13:45 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-22 13:45 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-22 13:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-22 13:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-22 13:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-22 13:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-22 13:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-22 13:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-22 13:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-22 13:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-22 13:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-22 13:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-22 13:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-22 13:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-22 13:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-22 13:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-22 13:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-22 13:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-22 13:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-22 13:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-22 13:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-22 13:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-22 13:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-22 13:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-22 13:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-22 13:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-22 13:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-22 13:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-22 13:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-22 13:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-22 13:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-22 13:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-22 13:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-22 13:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-22 13:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-22 13:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-22 13:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-22 13:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-22 13:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-22 13:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-22 13:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-22 13:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-22 13:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-22 13:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-22 13:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-22 13:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-22 13:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-22 13:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-22 13:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-22 13:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-22 13:39 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-22 13:39 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk 2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-08-22 13:30 - 2014-08-25 11:40 - 00000000 ____D () C:\FRST 2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3) 2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2) 2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1) 2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist 2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp 2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-25 11:41 - 2014-08-22 14:52 - 00022389 _____ () C:\Users\Manni\Desktop\FRST.txt 2014-08-25 11:40 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST 2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt 2014-08-25 11:11 - 2009-07-14 06:51 - 01006643 _____ () C:\Windows\setupact.log 2014-08-25 11:08 - 2011-11-08 14:11 - 00000000 ____D () C:\Users\Manni\AppData\Local\CrashDumps 2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-25 10:59 - 2014-08-25 10:58 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe 2014-08-25 10:56 - 2010-03-18 02:27 - 01838767 _____ () C:\Windows\WindowsUpdate.log 2014-08-25 10:53 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-25 10:53 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt 2014-08-25 10:46 - 2014-08-25 09:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-25 10:45 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-08-25 10:45 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-25 10:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-25 10:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-25 10:44 - 2010-03-18 02:29 - 02149172 _____ () C:\Windows\PFRO.log 2014-08-25 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech 2014-08-25 10:43 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-25 09:43 - 2014-08-25 09:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt 2014-08-25 09:34 - 2014-08-25 09:28 - 00000000 ____D () C:\AdwCleaner 2014-08-25 09:34 - 2013-11-29 19:43 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-25 09:34 - 2010-11-02 13:55 - 00000995 _____ () C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-25 09:34 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni 2014-08-25 09:27 - 2014-08-25 09:26 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe 2014-08-25 09:27 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D} 2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt 2014-08-23 11:32 - 2014-08-22 18:22 - 00000000 ____D () C:\Qoobox 2014-08-23 11:32 - 2014-04-23 08:56 - 00000000 ____D () C:\Users\dub_cm_auto 2014-08-23 11:29 - 2014-08-22 18:20 - 00000000 ____D () C:\Windows\erdnt 2014-08-23 11:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-23 11:23 - 2009-07-14 04:34 - 91750400 _____ () C:\Windows\system32\config\software.bak 2014-08-23 11:23 - 2009-07-14 04:34 - 17301504 _____ () C:\Windows\system32\config\system.bak 2014-08-23 11:23 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak 2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak 2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak 2014-08-22 18:14 - 2014-08-22 18:15 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe 2014-08-22 18:14 - 2014-08-22 18:13 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe 2014-08-22 15:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-22 15:22 - 2009-11-14 18:25 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-22 15:13 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-22 15:08 - 2010-11-02 14:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-22 15:00 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-22 14:57 - 2014-08-22 14:56 - 00049858 _____ () C:\Users\Manni\Desktop\Addition.txt 2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt 2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe 2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk 2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360 2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64 2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton 2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI 2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing 2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394 2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte 2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln 2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3) 2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2) 2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1) 2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist 2014-08-07 04:06 - 2014-08-22 13:39 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-22 13:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ 2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp 2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-01 01:41 - 2014-08-22 13:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-22 13:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp 2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump 2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP 2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP 2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit Some content of TEMP: ==================== C:\Users\Manni\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-02-25 16:11 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-25 11:42:18
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version: - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung
22-08-2014 12:59:57 Windows Update
23-08-2014 09:00:01 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-23 11:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-08-23 11:20:55.401
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-23 11:20:54.652
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-22 14:52:21.161
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 14:39:16.298
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 14:24:54.170
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 12:08:41.049
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-19 07:22:24.312
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-17 08:17:50.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-16 11:38:13.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-15 10:32:30.832
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 49%
Total physical RAM: 1788.2 MB
Available physical RAM: 898.02 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1854.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:219.13 GB) (Free:142.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End Of Log ============================
|
|
Hybrid-Darstellung
