Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): Win7 32Bit Home Premium - Windows Command Processor wants to start ...\Shuka\PackerV2.exe

Windows 7
#1

Win7 32Bit Home Premium - Windows Command Processor wants to start ...\Shuka\PackerV2.exe

Hello and good day everyone,

I have a laptop here that asks for a change by the command processor on every boot. The path that is to be launched is extremely long, but it ends in ...\Shuka\PackerV2.exe. I have already run a scan with FRST. I hope someone can give me tips on the best way to proceed in order to get rid of this troublemaker. If I have forgotten any information, I will gladly supply it.

Many thanks in advance,
Stonecrax

FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01
Ran by Vroni (administrator) on VAIO_NOTEBOOK on 30-01-2015 11:08:40
Running from C:\Users\Vroni\Desktop
Loaded Profiles: Vroni (Available profiles: Vroni)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\FastPlayer\FPUpdaterService.exe
(globalUpdate) C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files\LPT\srpts.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Smartbar) C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Users\Vroni\AppData\Roaming\InetStat\inetstat.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Program Files\FastPlayer\WebBrowser.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Google Inc.)
C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccsvchst.exe () C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe () C:\Program Files\LPT\srptsl.exe () C:\Users\Vroni\AppData\Local\RGMService\RGMLoader.exe (Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccsvchst.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe (Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (Samsung Electronics.) C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe (Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2014\OneClick.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TUDefragBackend32.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe () C:\Users\Vroni\AppData\Local\LPT\srptm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated) 
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [Google Update] => C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-21] (Google Inc.) HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [GoogleChromeAutoLaunch_45191224BF4F697402CEEF6853EA9D19] => C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.) HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) 
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar) HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [InetStat] => C:\Users\Vroni\AppData\Roaming\InetStat\inetstat.exe [702478 2014-10-14] () HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [cmd] => C:\Users\Vroni\AppData\Local\Temp\Shuka\PackerV2.exe [5113856 2014-12-08] (Packer Framework) <===== ATTENTION HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\MountPoints2: {254fc985-3669-11e3-ad42-806e6f6e6963} - D:\shelexec.exe .\starter.html Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserFastPlayer.lnk ShortcutTarget: WebBrowserFastPlayer.lnk -> C:\Program Files\FastPlayer\WebBrowser.exe () Startup: C:\Users\Vroni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.) 
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\buShell.dll (Symantec Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-533857234-3230724435-3058745666-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGps3182xY2a1NdTJWekBtEYhW4L2qQ_8uef-WJUDiBt68mbtqS04HHB5wy09kVgkaCL8i31x6z8d0DrpySaetdI4nIk144svg,, 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yHDybDS6nILGdA0nLw,,&q={searchTerms} HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV= HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yHDybDS6nILGdA0nLw,,&q={searchTerms} HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yHDybDS6nILGdA0nLw,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll No File BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier 
Edition\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation) Toolbar: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.121.128.10 212.121.128.11 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 FireFox: ======== FF ProfilePath: C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default FF DefaultSearchEngine: mystartsearch FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV= FF SelectedSearchEngine: Trovi search FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: 
@staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-533857234-3230724435-3058745666-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-533857234-3230724435-3058745666-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF user.js: detected! => C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\user.js FF SearchPlugin: C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\searchplugins\trovi-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml FF Extension: Radio Canyon - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [2014-10-14] FF Extension: videos_MediaPlayers_v1.1 - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [2014-10-14] FF Extension: Fast Start - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\faststartff@gmail.com [2014-10-14] FF Extension: remotexulmanagerxulforgecom - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\remotexulmanager@xulforge.com [2014-10-24] FF Extension: WEB.DE MailCheck - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\toolbar@web.de.xpi [2014-09-20] FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla 
Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-09-20] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-18] FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\extensions\faststartff@gmail.com FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\IPSFFPlgn FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\IPSFFPlgn [2014-10-25] FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\coFFPlgn [2015-01-30] FF HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Firefox\Extensions: [{5179B536-9073-3059-FF21-41709DF461E7}] - C:\Program Files\ver5SpeedChecker\180.xpi FF Extension: SpeedChecker - C:\Program Files\ver5SpeedChecker\180.xpi [2014-10-14] StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 Chrome: ======= CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV= CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=", "chrome://newtab/?source=home", 
"hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504", "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=" CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SAT=CNTS CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms} CHR Profile: C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (almhciamckkbjlmapgjalcpciigohefi) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\almhciamckkbjlmapgjalcpciigohefi [2014-10-25] CHR Extension: (Google Docs) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-21] CHR Extension: (Google Drive) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12] CHR Extension: (YouTube) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21] CHR Extension: (Adblock Plus) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-21] CHR Extension: (Google-Suche) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-21] CHR Extension: (Blöcke Deluxe) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeikjapgbmncgiaijjfondlfflajnlb [2014-06-21] CHR 
Extension: (CHIP Online) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2014-06-21] CHR Extension: (The QR Code Generator) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-06-21] CHR Extension: (AdBlock) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-21] CHR Extension: (Dropbox) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-06-21] CHR Extension: (View Plug-ins) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh [2014-10-24] CHR Extension: (Norton Security Toolbar) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-10-27] CHR Extension: (Google Wallet) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21] CHR Extension: (Google Mail) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-21] CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\Exts\Chrome.crx [2014-11-03] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx [2014-10-14] StartMenuInternet: Google Chrome.BFEL4LOH3ZTRW2USQVE3O2GWV4 - C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504 ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 FastPlayerUpdaterService; C:\Program Files\FastPlayer\FPUpdaterService.exe [382464 2015-01-22] () [File not signed] S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-14] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-14] (globalUpdate) [File not signed] R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) R2 N360; C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) R2 RGMUpdater; C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1773368 2014-03-20] (TuneUp Software) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20141030.001\BHDrvx86.sys [1138392 2014-10-24] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360\0604010.00E\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-10-25] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-10-25] (Symantec Corporation) R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [202112 2005-10-18] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [998656 2005-10-18] (Conexant Systems, Inc.) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20141101.001\IDSvix86.sys [476888 2014-10-27] (Symantec Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) R1 MpKsl83bf9539; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A04910A-565B-453E-BFC1-CB5763CAE8D3}\MpKsl83bf9539.sys [39464 2015-01-30] (Microsoft Corporation) R3 Mvc25U870_VID_1262&PID_25FD; C:\Windows\System32\Drivers\Mvc25U870.sys [55680 2005-12-29] (Micro Vision Co.,Ltd) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20141118.050\NAVENG.SYS [95704 2014-10-25] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20141118.050\NAVEX15.SYS [1636696 2014-10-25] (Symantec Corporation) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation) R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation) S3 SRTSP; C:\Windows\System32\Drivers\N360\0604010.00E\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation) R1 SRTSPX; 
C:\Windows\system32\drivers\N360\0604010.00E\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation) R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1076472 2005-11-17] (SigmaTel, Inc.) R0 SymDS; C:\Windows\System32\drivers\N360\0604010.00E\SYMDS.SYS [340088 2012-01-17] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360\0604010.00E\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2014-10-25] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360\0604010.00E\Ironx86.SYS [149624 2012-01-17] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360\0604010.00E\SYMNETS.SYS [318584 2012-01-17] (Symantec Corporation) R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [217472 2005-10-04] (Texas Instruments) S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [3712 2005-07-11] (TOSHIBA Corporation.) [File not signed] R3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [46592 2005-09-16] (TOSHIBA Corporation) [File not signed] R3 Tosrfbd; C:\Windows\System32\Drivers\tosrfbd.sys [108672 2005-10-07] (TOSHIBA CORPORATION) [File not signed] R3 Tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2005-09-15] (TOSHIBA Corporation) [File not signed] R1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed] R3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [62848 2005-10-07] (TOSHIBA Corporation.) [File not signed] R3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) 
[File not signed] S3 TosRfSnd; C:\Windows\System32\drivers\TosRfSnd.sys [52864 2005-11-11] (TOSHIBA Corporation) [File not signed] R3 Tosrfusb; C:\Windows\System32\Drivers\tosrfusb.sys [36736 2005-11-15] (TOSHIBA CORPORATION) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-02-10] (TuneUp Software) S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [587176 2012-11-13] (eMPIA Technology, Inc.) S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [551208 2012-11-13] (eMPIA Technology, Inc.) R1 {6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw; C:\Windows\System32\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw.sys [43152 2014-10-18] (StdLib) S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x86\Sandra.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-30 11:08 - 2015-01-30 11:08 - 00031917 _____ () C:\Users\Vroni\Desktop\FRST.txt 2015-01-30 11:08 - 2015-01-30 11:08 - 00000000 ____D () C:\FRST 2015-01-30 11:06 - 2015-01-30 11:00 - 02130432 _____ (Farbar) C:\Users\Vroni\Desktop\FRST64.exe 2015-01-30 11:06 - 2015-01-30 11:00 - 01121792 _____ (Farbar) C:\Users\Vroni\Desktop\FRST.exe 2015-01-02 15:34 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-30 11:08 - 2010-11-20 22:01 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 11:07 - 2014-10-14 21:13 - 00000260 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2015-01-30 11:07 - 2013-10-17 10:28 - 00000000 ____D () C:\Users\Vroni\AppData\Local\Adobe
2015-01-30 11:07 - 2013-10-16 15:18 - 01131182 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 11:06 - 2009-07-14 05:39 - 00045246 _____ () C:\Windows\setupact.log
2015-01-30 11:04 - 2009-07-14 05:34 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 11:04 - 2009-07-14 05:34 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 11:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-30 10:58 - 2014-12-11 13:15 - 00000000 ____D () C:\Users\Vroni\AppData\Local\RGMService
2015-01-30 10:57 - 2014-10-14 21:11 - 00000886 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-30 10:57 - 2014-09-20 16:44 - 00000000 ____D () C:\Users\Vroni\AppData\Roaming\Skype
2015-01-30 10:57 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 14:02 - 2014-12-11 13:13 - 00001779 _____ () C:\Users\Vroni\Desktop\FastPlayer.lnk
2015-01-29 14:02 - 2014-10-14 21:10 - 00000000 ____D () C:\Program Files\FastPlayer
2015-01-02 15:34 - 2013-10-17 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-02 15:33 - 2013-10-17 08:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-02 15:29 - 2014-10-14 21:13 - 00000266 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2015-01-02 15:28 - 2013-10-17 08:28 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======
2014-10-14 21:14 - 2014-10-14 21:14 - 1484176 _____ (enter) C:\Users\Vroni\AppData\Roaming\RKJ.exe
2014-10-14 21:13 - 2014-10-14 21:13 - 1971088 _____ (enter) C:\Users\Vroni\AppData\Roaming\SLOBCEOV.exe
2014-07-19 17:43 - 2014-07-19 17:44 - 0001456 _____ () C:\Users\Vroni\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-08-05 10:49 - 2014-08-05 10:49 - 0007605 _____ () C:\Users\Vroni\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\Vroni\AppData\Local\Temp\Shuka\PackerV2.exe

Some content of TEMP:
====================
C:\Users\Vroni\AppData\Local\Temp\asrla0gc.dll
C:\Users\Vroni\AppData\Local\Temp\CLmt3.exe
C:\Users\Vroni\AppData\Local\Temp\cu7dz7vs.dll
C:\Users\Vroni\AppData\Local\Temp\d8ry5sp4.dll
C:\Users\Vroni\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Vroni\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Vroni\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Vroni\AppData\Local\Temp\jyjben87.dll
C:\Users\Vroni\AppData\Local\Temp\KUIU.EXE
C:\Users\Vroni\AppData\Local\Temp\mjakizdc.dll
C:\Users\Vroni\AppData\Local\Temp\optprosetup.exe
C:\Users\Vroni\AppData\Local\Temp\rlrkfmt9.dll
C:\Users\Vroni\AppData\Local\Temp\setup_337.exe
C:\Users\Vroni\AppData\Local\Temp\sytcuyo8.dll
C:\Users\Vroni\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Vroni\AppData\Local\Temp\zVHI6.dll
C:\Users\Vroni\AppData\Local\Temp\zVHI6.exe
C:\Users\Vroni\AppData\Local\Temp\~dl51A0.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-27 10:45

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-01-2015 01
Ran by Vroni at 2015-01-30 11:09:20
Running from C:\Users\Vroni\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Norton 360 Premier Edition (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier Edition (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtRage 4 Demo (HKLM\...\ArtRage 4 Demo 4.0.4.0) (Version: 4.0.4.0 - Ambient Design)
ArtRage 4 Demo (Version: 4.0.4.0 - Ambient Design) Hidden
bl (Version: 1.0.0 - Your Company Name) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.20(SO) - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
FastPlayer (HKLM\...\FastPlayer) (Version: v1.0.0.6 - SoftForce LLC) <==== ATTENTION
Genesis (HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\genesis_10142010) (Version: - ) <==== ATTENTION
Google Chrome (HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003) (Version: - )
InetStat (HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MyBestOffersToday 014.154 (HKLM\...\mbot_de_154_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION
mystartsearch uninstall (HKLM\...\mystartsearch uninstall) (Version: - mystartsearch) <==== ATTENTION
Norton 360 Premier Edition (HKLM\...\N360) (Version: 6.4.1.14 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - )
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (Version: 1.0.0 - Your Company Name) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Radio Canyon (HKLM\...\Radio Canyon) (Version: 1.35.9.29 - Radio Canyon) <==== ATTENTION!
Remote Desktop Access (VuuPC) (HKLM\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Samsung Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.2.1 - Samsung Electronics)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4511.0 - SigmaTel)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedChecker (HKLM\...\8C838479-A8C6-DAB6-9741-CA5D51691675) (Version: - SpeedChecker-software) <==== ATTENTION
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.4.8 - Uniblue Systems Limited) <==== ATTENTION
TERRATEC Cinergy Hybrid T USB XS FM (32 Bit) (HKLM\...\{271D6941-5F6C-4258-AD43-23839D46DC00}) (Version: 5.09.1202.00 - TERRATEC)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WindowsMangerProtect20.0.0.1013 (HKLM\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ATTENTION
Windows-Treiberpaket - TerraTec (USB28xxBGA) Media (12/02/2009 5.09.1202.00) (HKLM\...\BB2E2D0714CC6BBEFC9CD54767EBB829C39EADEB) (Version: 12/02/2009 5.09.1202.00 - TerraTec )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo Community Smartbar (Version: 11.112.66.19229 - Linkury Inc.) Hidden <==== ATTENTION
Yahoo Community Smartbar Engine (HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\{80988241-4c56-4feb-adde-40303855e1b5}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points =========================
13-10-2014 21:43:59 Windows Update
14-10-2014 21:11:52 Uniblue SpeedUpMyPC installation
14-10-2014 21:53:23 Windows Update
18-10-2014 16:00:39 Windows Update
24-10-2014 21:02:12 Windows Update
27-10-2014 22:35:55 Windows Update
03-11-2014 21:41:44 Windows Update
19-11-2014 21:35:31 Windows Update
19-11-2014 22:43:43 Windows Update
11-12-2014 13:18:05 Windows Update
02-01-2015 15:28:01 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2013-10-18 15:14 - 00000889 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04346588-A156-479C-8A8A-82A9F1D978CF} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {11C3775A-7021-4B09-BF68-C66DBCE56F9C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {16A93931-94AD-4AA0-8AB5-CD7F61CF63C3} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-10-07] (Uniblue Systems Limited) <==== ATTENTION
Task: {24A81D2E-DED1-40E6-9B84-A68F0A531872} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-14] (globalUpdate) <==== ATTENTION
Task: {3CDF70F2-0F0A-4BF1-BF4E-9D8BAB09A527} - System32\Tasks\AdobeAAMUpdater-1.0-Vaio_Notebook-Vroni => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5FD6F9A4-36BD-47CC-98AD-0BBCFBEDAD89} - System32\Tasks\{30A31F06-EBED-40F7-A45F-CA73290DA860} => pcalua.exe -a C:\Users\Vroni\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=tugs
Task: {6B65AB3C-4D3F-45DD-99E9-BEFF3A56B9DF} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {A89E4C46-91F4-4E40-A223-747A7FDC39FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE63FF24-CE59-45A7-87D7-D828AD29D121} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {AEE71CDA-4686-4FF2-9840-295D4F18D816} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-10-07] (Uniblue Systems Limited) <==== ATTENTION
Task: {B437AB69-C2A7-4EF9-9F66-BD2C7A76F443} - System32\Tasks\{F2F7615B-BBF4-44EB-870F-C631BF87AC03} => pcalua.exe -a C:\Users\Vroni\Downloads\SP32899\setup.exe -d C:\Users\Vroni\Downloads\SP32899
Task: {D26CBCDB-F271-4609-AC5B-70208743AEE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {D6E6E73D-3FC8-433C-ADD8-6F0DF62361FF} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============
2004-07-20 16:04 - 2004-07-20 16:04 - 00094208 _____ () C:\Windows\System32\TosBtHcrpAPI.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-22 11:49 - 2015-01-22 11:49 - 00382464 _____ () C:\Program Files\FastPlayer\FPUpdaterService.exe
2011-09-05 18:05 - 2011-09-05 18:05 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2014-08-27 15:24 - 2014-08-27 15:24 - 00034304 _____ () C:\Program Files\LPT\srpts.exe
2014-08-27 15:24 - 2014-08-27 15:29 - 00044032 _____ () C:\Program Files\LPT\srptc.dll
2014-08-27 15:23 - 2014-08-27 15:28 - 00018944 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2014-08-27 15:28 - 2014-12-11 13:14 - 00327168 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Resources\crdli.dll
2013-10-17 10:21 - 2005-11-10 13:48 - 00094208 _____ () C:\Windows\system32\Mv25U870Prp.ax
2014-08-27 15:29 - 2014-08-27 15:29 - 00052224 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00087552 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srau.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 02426880 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00068608 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\spbl.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00015872 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\siem.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00698368 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00016384 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00080384 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00031232 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00067072 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00152064 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\smti.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00075264 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\smsp.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00011776 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\sidc.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032256 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\smtu.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00040448 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\smta.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032768 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srom.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00049152 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srbu.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00025600 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\sgml.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00063488 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00026624 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00045056 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-27 15:24 - 2014-08-27 15:24 - 00026624 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00036864 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00257024 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\srns.dll
2014-10-14 21:47 - 2014-10-14 21:47 - 00702478 _____ () C:\Users\Vroni\AppData\Roaming\InetStat\inetstat.exe
2015-01-21 16:54 - 2015-01-21 16:54 - 00134656 _____ () C:\Program Files\FastPlayer\WebBrowser.exe
2005-07-22 20:30 - 2005-07-22 20:30 - 00065536 _____ () C:\Windows\system32\TosCommAPI.dll
2004-10-14 09:18 - 2004-10-14 09:18 - 00040960 _____ () C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
2014-10-27 23:19 - 2014-10-22 05:04 - 08910664 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 23:19 - 2014-10-22 05:04 - 01681224 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-27 16:04 - 2014-10-27 16:04 - 00028160 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe
2014-03-20 13:44 - 2014-03-20 13:44 - 00568120 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-08-27 15:24 - 2014-08-27 15:29 - 00036352 _____ () C:\Program Files\LPT\srptsl.exe
2014-08-27 15:24 - 2014-08-27 15:29 - 00071680 _____ () C:\Program Files\LPT\srut.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 00974848 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMLoader.exe
2014-12-01 17:01 - 2014-12-01 17:01 - 01686016 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMHost.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 02745856 _____ () C:\Users\Vroni\AppData\Local\RGMService\MonetizationToolsManager.dll
2014-12-01 17:02 - 2014-12-01 17:02 - 01592832 _____ () C:\Users\Vroni\AppData\Local\RGMService\ProtectorsManager.dll
2013-10-17 08:58 - 2013-05-16 13:42 - 00013824 _____ () C:\Program Files\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-06-21 06:47 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-06-21 06:47 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00142336 _____ () C:\Users\Vroni\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
2014-03-20 13:41 - 2014-03-20 13:41 - 00611128 _____ () C:\Program Files\TuneUp Utilities 2014\TUKernel.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00152888 _____ () C:\Program Files\TuneUp Utilities 2014\TUBasic.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00820024 _____ () C:\Program Files\TuneUp Utilities 2014\MainControls.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00066360 _____ () C:\Program Files\TuneUp Utilities 2014\TUTransl.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00161080 _____ () C:\Program Files\TuneUp Utilities 2014\PerlRegEx.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00210744 _____ () C:\Program Files\TuneUp Utilities 2014\XMLComponents.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00449848 _____ () C:\Program Files\TuneUp Utilities 2014\GR32_D6.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00129336 _____ () C:\Program Files\TuneUp Utilities 2014\SchedAgent_2007.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00335672 _____ () C:\Program Files\TuneUp Utilities 2014\TUCompression.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00307000 _____ () C:\Program Files\TuneUp Utilities 2014\DEC.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00493368 _____ () C:\Program Files\TuneUp Utilities 2014\Html.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00307000 _____ () C:\Program Files\TuneUp Utilities 2014\ntrtl60.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00456504 _____ () C:\Program Files\TuneUp Utilities 2014\PowerManager.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00469816 _____ () C:\Program Files\TuneUp Utilities 2014\SysInfo.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00656184 _____ () C:\Program Files\TuneUp Utilities 2014\MSI_D6.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00143672 _____ () C:\Program Files\TuneUp Utilities 2014\TUIcoEngineerDirTree.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00076600 _____ () C:\Program Files\TuneUp Utilities 2014\TUShell.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00067896 _____ () C:\Program Files\TuneUp Utilities 2014\SysControls.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00213816 _____ () C:\Program Files\TuneUp Utilities 2014\ProgramRating.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00425784 _____ () C:\Program Files\TuneUp Utilities 2014\VisControls.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00033080 _____ () C:\Program Files\TuneUp Utilities 2014\TUBase.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 01145144 _____ () C:\Program Files\TuneUp Utilities 2014\dxBarD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00044856 _____ () C:\Program Files\TuneUp Utilities 2014\dxCoreD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00016184 _____ () C:\Program Files\TuneUp Utilities 2014\dxComnD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00055608 _____ () C:\Program Files\TuneUp Utilities 2014\dxThemeD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00852280 _____ () C:\Program Files\TuneUp Utilities 2014\cxLibraryD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00069944 _____ () C:\Program Files\TuneUp Utilities 2014\dxGDIPlusD12.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00154424 _____ () C:\Program Files\TuneUp Utilities 2014\cefcomponent.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00324408 _____ () C:\Program Files\TuneUp Utilities 2014\AppInitialization.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00106808 _____ () C:\Program Files\TuneUp Utilities 2014\TUShredder.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00631096 _____ () C:\Program Files\TuneUp Utilities 2014\TUDiskCleanerClass.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00091960 _____ () C:\Program Files\TuneUp Utilities 2014\TUApps.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00042808 _____ () C:\Program Files\TuneUp Utilities 2014\TURar.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00489272 _____ () C:\Program Files\TuneUp Utilities 2014\Traces.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00082744 _____ () C:\Program Files\TuneUp Utilities 2014\TUOperaClass.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00047928 _____ () C:\Program Files\TuneUp Utilities 2014\TUApplications.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00042808 _____ () C:\Program Files\TuneUp Utilities 2014\TUSafariClass.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00140088 _____ () C:\Program Files\TuneUp Utilities 2014\CommonForms.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00608568 _____ () C:\Program Files\TuneUp Utilities 2014\VirtualTreesR.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00065848 _____ () C:\Program Files\TuneUp Utilities 2014\TUIECacheClass.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00103224 _____ () C:\Program Files\TuneUp Utilities 2014\TUDefragClient.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00961848 _____ () C:\Program Files\TuneUp Utilities 2014\TuningWizard.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00106296 _____ () C:\Program Files\TuneUp Utilities 2014\Internet.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00207672 _____ () C:\Program Files\TuneUp Utilities 2014\dxBarExtItemsD12.bpl
2014-03-20 13:42 - 2014-03-20 13:42 - 00289080 _____ () C:\Program Files\TuneUp Utilities 2014\RegCleaner.bpl
2014-03-20 13:41 - 2014-03-20 13:41 - 00023864 _____ () C:\Program Files\TuneUp Utilities 2014\IEControl.bpl
2014-08-27 15:29 - 2014-08-27 15:29 - 00024576 _____ () C:\Users\Vroni\AppData\Local\LPT\srptm.exe
2014-08-27 15:29 - 2014-08-27 15:29 - 00083968 _____ () C:\Users\Vroni\AppData\Local\LPT\srpt.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00044032 _____ () C:\Users\Vroni\AppData\Local\LPT\srptc.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00018944 _____ () C:\Users\Vroni\AppData\Local\LPT\Smartbar.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\Vroni\AppData\Local\LPT\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\Vroni\AppData\Local\LPT\sppsm.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\Vroni\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\Vroni\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\Vroni\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================
Administrator (S-1-5-21-533857234-3230724435-3058745666-500 - Administrator - Disabled)
Gast (S-1-5-21-533857234-3230724435-3058745666-501 - Limited - Disabled)
Vroni (S-1-5-21-533857234-3230724435-3058745666-1000 - Administrator - Enabled) => C:\Users\Vroni

==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2015 10:58:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 02:02:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4500

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4500

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2000

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2000

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/11/2014 03:48:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8578

Error: (12/11/2014 03:48:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8578

System errors:
=============
Error: (01/30/2015 11:07:33 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 113.40.0.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 11:07:33 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 11:07:33 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 11:07:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 10:58:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 113.40.0.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 10:58:12 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 10:58:12 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT51 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\NETZWERKDIENST Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 10:58:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (01/30/2015 10:58:08 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.189.1901.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/30/2015 10:57:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "iPod-Dienst" wurde mit folgendem Fehler beendet: %%-2147417831

Microsoft Office Sessions:
=========================
Error: (01/30/2015 10:58:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 02:02:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4500

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4500

Error: (12/12/2014 03:03:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2000

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2000

Error: (12/12/2014 03:03:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/11/2014 03:48:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8578

Error: (12/11/2014 03:48:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8578

==================== Memory info ===========================
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz
Percentage of memory in use: 60%
Total physical RAM: 3070.05 MB
Available physical RAM: 1222.26 MB
Total Pagefile: 6138.4 MB
Available Pagefile: 4222.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.71 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:189.66 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 162EBCA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |