Hi Cosinus
Hier das Log von AdwCleaener: Code:
# AdwCleaner v3.001 - Report created 28/08/2013 at 11:24:41
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Fritz - FRITZ-PC
# Running from : C:\Users\Fritz\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\jetpack
Folder Deleted : C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\CT2625848
Folder Deleted : C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Search Settings
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16470
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\prefs.js ]
Line Deleted : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"181.FM Co...\",\"description\":\"usa internet 181.fm c...\",\"url\":\"hxxp://wms-rly.181.fm/181-comedy\"}");
Line Deleted : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2625848.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2625848&octid=CT2625848&SearchSource=15&CUI=UN92484522022191261&SSPV=NT_FF_RD&Lay=1&UM=[...]
Line Deleted : user_pref("CT2625848.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"map\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.awakenedlands.com%2Fbank2.php\",\"EB_MAIN_FRAME_TITLE\":\"AwakenedLands.com%20%3A%3A%[...]
Line Deleted : user_pref("CT2625848.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/17\\\\/2012 00\\\"}\"}");
Line Deleted : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE\"}");
Line Deleted : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1363617930353,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.enabledAddons", "gmailnoads%40mywebber.com:3.9.1,%7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions[...]
-\\ Google Chrome v29.0.1547.57
[ File : C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4777 octets] - [28/08/2013 11:23:57]
AdwCleaner[S0].txt - [4768 octets] - [28/08/2013 11:24:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4828 octets] ########## JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x86
Ran by Fritz on 28.08.2013 at 11:35:39,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Fritz\AppData\Roaming\mozilla\firefox\profiles\lao5nbhv.default\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2013 at 11:37:05,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Und Log sowie Addition file von FRST
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by Fritz (administrator) on 28-08-2013 11:40:50
Running from C:\Users\Fritz\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(X10) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe
(Dropbox, Inc.) C:\Users\Fritz\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Labtec\Desktop\6.0\Mouse32V.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584 2010-08-20] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [144784 2008-06-10] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [LWBKEYBOARD] - C:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe [395264 2007-03-26] ()
HKCU\...\Run: [LWBMOUSE] - C:\Program Files\Labtec\Desktop\6.0\MOffice.exe [457728 2007-04-11] ()
HKCU\...\Run: [GoogleChromeAutoLaunch_A6117165C70202AC76D69ED1786D3D94] - C:\Program Files\Google\Chrome\Application\chrome.exe [829392 2013-08-16] (Google Inc.)
Startup: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fritz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {234FF378-7968-481A-8914-F430A4C0097A} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {37BC9EEB-B7BD-4029-8D8D-74FF83764E6A} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {555B4F49-2C2A-4583-BAE5-4185F4DC14DB} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6301FBE2-53A5-473D-B7DA-FD5CE5DB2896} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKCU - {AE82AD43-839F-4A4A-90B6-46861A7E4347} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {BD963ED2-FF95-4F0C-8B25-9555D48F1874} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU -No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU -No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\Windows\system32\WowCtl2.dll (EzTools Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F1842C52-12C0-482F-80FE-0B9E92DCED88}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default
FF Homepage: google.de
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('.brightcove.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*'))%20%7B%20return%20'PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: gmailnoads - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\Extensions\gmailnoads@mywebber.com.xpi
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: No Name - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\lao5nbhv.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo!) - hxxp://de.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=302398&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo!) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0
========================== Services (Whitelisted) =================
R2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
==================== Drivers (Whitelisted) ====================
R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5313536 2010-02-03] (ATI Technologies Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2012-08-04] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2011-02-04] ()
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [718336 2009-04-03] (Ralink Technology Corp.)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1558368 2010-02-04] (NXP Semiconductors Germany GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\Users\Fritz\AppData\Local\Temp\catchme.sys [x]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-28 11:33 - 2013-08-28 11:24 - 00004908 _____ C:\Users\Fritz\Desktop\AdwCleaner[S0].txt
2013-08-28 11:23 - 2013-08-28 11:24 - 00000000 ____D C:\AdwCleaner
2013-08-28 11:23 - 2013-08-28 11:23 - 01072975 _____ (Farbar) C:\Users\Fritz\Desktop\FRST.exe
2013-08-28 11:22 - 2013-08-28 11:22 - 01021434 _____ (Thisisu) C:\Users\Fritz\Desktop\JRT.exe
2013-08-28 11:22 - 2013-08-28 11:22 - 00994642 _____ C:\Users\Fritz\Desktop\adwcleaner.exe
2013-08-27 22:10 - 2013-08-27 22:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-27 22:10 - 2013-08-27 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-27 22:09 - 2013-08-27 22:21 - 00000000 ____D C:\Users\Fritz\Desktop\mbar
2013-08-27 22:07 - 2013-08-27 22:07 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Fritz\Desktop\mbar-1.07.0.1005.exe
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\WinRAR
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Program Files\WinRAR
2013-08-27 20:22 - 2013-08-27 20:22 - 01609146 _____ C:\Users\Fritz\Downloads\wrar420d.exe
2013-08-27 18:44 - 2013-08-27 18:44 - 00008718 _____ C:\ComboFix.txt
2013-08-27 18:33 - 2013-08-27 18:34 - 05114158 ____R (Swearware) C:\Users\Fritz\Desktop\ComboFix.exe
2013-08-26 18:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-26 18:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-26 18:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-26 18:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-26 18:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-26 18:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-26 18:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-26 18:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-26 18:48 - 2013-08-27 18:44 - 00000000 ____D C:\Qoobox
2013-08-26 18:48 - 2013-08-26 18:57 - 00000000 ____D C:\Windows\erdnt
2013-08-25 21:40 - 2013-08-28 11:38 - 00000000 ____D C:\Users\Fritz\Desktop\ihaveshit
2013-08-25 21:37 - 2013-08-25 21:37 - 00000000 ____D C:\FRST
2013-08-25 21:17 - 2013-08-25 21:17 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 21:07 - 2013-08-25 21:07 - 00123950 _____ C:\Users\Fritz\Desktop\OTL2.Txt
2013-08-25 21:06 - 2013-08-25 21:06 - 00073696 _____ C:\Users\Fritz\Desktop\Extras.Txt
2013-08-25 20:58 - 2013-08-25 20:32 - 00602112 _____ (OldTimer Tools) C:\Users\Fritz\Desktop\OTL.exe
2013-08-25 20:33 - 2013-08-25 20:33 - 00000000 _____ C:\Users\Fritz\defogger_reenable
2013-08-25 20:32 - 2013-08-25 20:32 - 00602112 _____ (OldTimer Tools) C:\Users\Fritz\Downloads\OTL.exe
2013-08-18 15:40 - 2013-08-18 15:43 - 00000000 ____D C:\Users\Fritz\Downloads\c
2013-08-18 13:38 - 2013-08-18 13:41 - 83382977 _____ C:\Users\Fritz\Downloads\01 Track 01 18.m4a
2013-08-17 19:33 - 2013-08-17 19:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-15 12:37 - 2013-08-15 12:37 - 00182363 _____ C:\Users\Fritz\Downloads\2013-04-30 Optimierung der Kanalnutzung II.pptx
2013-08-15 12:36 - 2013-08-15 12:36 - 02213817 _____ C:\Users\Fritz\Downloads\2013-04-16 Optimierung der Kanalnutzung zur Vermaktung der VKM.pptx
2013-08-12 20:25 - 2013-08-12 21:26 - 00000000 ____D C:\musicBirgit
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Thunderbird
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Users\Fritz\AppData\Local\Thunderbird
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-08-09 09:52 - 2013-08-09 09:52 - 19681592 _____ (Mozilla) C:\Users\Fritz\Downloads\Thunderbird Setup 17.0.8.exe
2013-08-06 22:09 - 2013-08-06 22:10 - 00000000 ____D C:\BirgitMusik
==================== One Month Modified Files and Folders =======
2013-08-28 11:38 - 2013-08-25 21:40 - 00000000 ____D C:\Users\Fritz\Desktop\ihaveshit
2013-08-28 11:37 - 2013-08-28 11:37 - 00000756 _____ C:\Users\Fritz\Desktop\JRT.txt
2013-08-28 11:36 - 2010-09-30 22:22 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-28 11:35 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-28 11:35 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 11:31 - 2010-09-30 19:33 - 01453496 _____ C:\Windows\WindowsUpdate.log
2013-08-28 11:30 - 2011-12-12 15:25 - 00000000 ___RD C:\Users\Fritz\Dropbox
2013-08-28 11:30 - 2011-12-12 15:23 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Dropbox
2013-08-28 11:30 - 2010-09-30 22:22 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-28 11:26 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-28 11:26 - 2009-07-14 06:39 - 00125227 _____ C:\Windows\setupact.log
2013-08-28 11:24 - 2013-08-28 11:33 - 00004908 _____ C:\Users\Fritz\Desktop\AdwCleaner[S0].txt
2013-08-28 11:24 - 2013-08-28 11:23 - 00000000 ____D C:\AdwCleaner
2013-08-28 11:23 - 2013-08-28 11:23 - 01072975 _____ (Farbar) C:\Users\Fritz\Desktop\FRST.exe
2013-08-28 11:22 - 2013-08-28 11:22 - 01021434 _____ (Thisisu) C:\Users\Fritz\Desktop\JRT.exe
2013-08-28 11:22 - 2013-08-28 11:22 - 00994642 _____ C:\Users\Fritz\Desktop\adwcleaner.exe
2013-08-28 11:15 - 2012-09-02 22:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-28 08:29 - 2010-03-05 15:11 - 00926412 _____ C:\Windows\PFRO.log
2013-08-27 22:21 - 2013-08-27 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-27 22:21 - 2013-08-27 22:09 - 00000000 ____D C:\Users\Fritz\Desktop\mbar
2013-08-27 22:10 - 2013-08-27 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-27 22:07 - 2013-08-27 22:07 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Fritz\Desktop\mbar-1.07.0.1005.exe
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\WinRAR
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-27 20:23 - 2013-08-27 20:23 - 00000000 ____D C:\Program Files\WinRAR
2013-08-27 20:22 - 2013-08-27 20:22 - 01609146 _____ C:\Users\Fritz\Downloads\wrar420d.exe
2013-08-27 18:44 - 2013-08-27 18:44 - 00008718 _____ C:\ComboFix.txt
2013-08-27 18:44 - 2013-08-26 18:48 - 00000000 ____D C:\Qoobox
2013-08-27 18:43 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-08-27 18:34 - 2013-08-27 18:33 - 05114158 ____R (Swearware) C:\Users\Fritz\Desktop\ComboFix.exe
2013-08-26 18:58 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-08-26 18:57 - 2013-08-26 18:48 - 00000000 ____D C:\Windows\erdnt
2013-08-25 22:12 - 2010-03-05 14:50 - 00331694 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-25 21:37 - 2013-08-25 21:37 - 00000000 ____D C:\FRST
2013-08-25 21:17 - 2013-08-25 21:17 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 21:17 - 2011-07-10 12:34 - 00000000 ____D C:\ProgramData\Uniblue
2013-08-25 21:07 - 2013-08-25 21:07 - 00123950 _____ C:\Users\Fritz\Desktop\OTL2.Txt
2013-08-25 21:06 - 2013-08-25 21:06 - 00073696 _____ C:\Users\Fritz\Desktop\Extras.Txt
2013-08-25 20:33 - 2013-08-25 20:33 - 00000000 _____ C:\Users\Fritz\defogger_reenable
2013-08-25 20:33 - 2010-09-30 19:34 - 00000000 ____D C:\Users\Fritz
2013-08-25 20:32 - 2013-08-25 20:58 - 00602112 _____ (OldTimer Tools) C:\Users\Fritz\Desktop\OTL.exe
2013-08-25 20:32 - 2013-08-25 20:32 - 00602112 _____ (OldTimer Tools) C:\Users\Fritz\Downloads\OTL.exe
2013-08-21 17:42 - 2010-09-30 22:30 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-20 21:16 - 2012-06-07 21:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 21:16 - 2011-05-14 23:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-19 18:17 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-18 15:43 - 2013-08-18 15:40 - 00000000 ____D C:\Users\Fritz\Downloads\c
2013-08-18 14:46 - 2010-09-30 22:25 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\vlc
2013-08-18 13:41 - 2013-08-18 13:38 - 83382977 _____ C:\Users\Fritz\Downloads\01 Track 01 18.m4a
2013-08-18 13:18 - 2012-08-01 15:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 19:33 - 2013-08-17 19:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-15 12:37 - 2013-08-15 12:37 - 00182363 _____ C:\Users\Fritz\Downloads\2013-04-30 Optimierung der Kanalnutzung II.pptx
2013-08-15 12:36 - 2013-08-15 12:36 - 02213817 _____ C:\Users\Fritz\Downloads\2013-04-16 Optimierung der Kanalnutzung zur Vermaktung der VKM.pptx
2013-08-12 21:26 - 2013-08-12 20:25 - 00000000 ____D C:\musicBirgit
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Thunderbird
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Users\Fritz\AppData\Local\Thunderbird
2013-08-09 09:54 - 2013-08-09 09:54 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-08-09 09:52 - 2013-08-09 09:52 - 19681592 _____ (Mozilla) C:\Users\Fritz\Downloads\Thunderbird Setup 17.0.8.exe
2013-08-06 22:10 - 2013-08-06 22:09 - 00000000 ____D C:\BirgitMusik
2013-08-05 17:16 - 2013-06-17 19:16 - 00000000 ____D C:\Users\Fritz\Desktop\silberne
Files to move or delete:
====================
C:\Users\Fritz\Dropbox 1.2.49.exe
C:\Users\Fritz\Firefox_Setup_8.0.1final.exe
C:\Users\Fritz\USB Adapter DriverOnly Setup - XPVista.exe
C:\Users\Fritz\AppData\Local\Temp\Quarantine.exe
C:\Users\Fritz\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2012-10-16 14:59
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-08-2013
Ran by Fritz at 2013-08-28 11:41:09
Running from C:\Users\Fritz\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
ANNO 1503 GOLD (Version: 1.05.00)
Apple Application Support (Version: 2.1.5)
ATI Catalyst Install Manager (Version: 3.0.762.0)
Caesar IV (Version: 0.18.13)
Catalyst Control Center Core Implementation (Version: 2010.0202.2335.42270)
Catalyst Control Center Graphics Full Existing (Version: 2010.0202.2335.42270)
Catalyst Control Center Graphics Full New (Version: 2010.0202.2335.42270)
Catalyst Control Center Graphics Light (Version: 2010.0202.2335.42270)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0202.2335.42270)
Catalyst Control Center InstallProxy (Version: 2010.0202.2335.42270)
Catalyst Control Center Localization All (Version: 2010.0202.2335.42270)
CCC Help Danish (Version: 2010.0202.2334.42270)
CCC Help Dutch (Version: 2010.0202.2334.42270)
CCC Help English (Version: 2010.0202.2334.42270)
CCC Help Finnish (Version: 2010.0202.2334.42270)
CCC Help French (Version: 2010.0202.2334.42270)
CCC Help German (Version: 2010.0202.2334.42270)
CCC Help Italian (Version: 2010.0202.2334.42270)
CCC Help Japanese (Version: 2010.0202.2334.42270)
CCC Help Norwegian (Version: 2010.0202.2334.42270)
CCC Help Spanish (Version: 2010.0202.2334.42270)
CCC Help Swedish (Version: 2010.0202.2334.42270)
ccc-core-static (Version: 2010.0202.2335.42270)
ccc-utility (Version: 2010.0202.2335.42270)
CDBurnerXP (Version: 4.3.8.2568)
Citavi (Version: 3.0.3.0)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
CyberLink LabelPrint (Version: 2.5.1916)
CyberLink Power2Go (Version: 6.1.3213)
CyberLink PowerDVD Copy (Version: 1.0.6720)
Die Sims™ 2
Die Sims™ 2 Apartment-Leben
Die Sims™ 2 Haustiere
Die Sims Mittelalter (Version: 2.0.113)
DivX-Setup (Version: 2.0.0.86)
Dropbox (HKCU Version: 2.0.22)
f4 3.1.0 (Version: 3.1.0)
Free Audio CD Burner version 1.4
Free YouTube to MP3 Converter version 3.11.32.918 (Version: 3.11.32.918)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (Version: 29.0.1547.57)
Google Update Helper (Version: 1.3.21.153)
Grand Theft Auto San Andreas (Version: 1.00.00001)
Hotel Gigant 2 (Version: 1.00)
Internet-TV für Windows Media Center (Version: 4.2.2.0)
Java 2 Runtime Environment, SE v1.4.2_19 (Version: 1.4.2_19)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8117.416)
Labtec Keyboard/Desktop Software 6.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.4 (Version: 2.0.3008.0)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
NVIDIA Drivers (Version: 1.7)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PDF24 Creator 5.4.0
PDFCreator (Version: 1.0.2)
pdfforge Toolbar v7.4 (Version: 7.4)
PDF-Viewer (Version: 2.5.206.0)
Pixum EasyBook
PlayReady PC Runtime x86 (Version: 1.3.0)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5995)
Skype™ 5.10 (Version: 5.10.116)
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.1.4 (Version: 1.1.4)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows-Treiberpaket - Ralink (netr28u) Net (04/03/2009 2.03.02.0000) (Version: 04/03/2009 2.03.02.0000)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
Write-N-Cite (Version: III)
X10 Hardware(TM)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:04 - 2013-08-27 18:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {06415D9C-B5A1-47CE-8A48-D3FF15EABCF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {079C4C60-5340-4512-A4E0-26DE615EFB98} - System32\Tasks\{C474BD57-0CF1-490B-8970-A19AD48EB8D0} => C:\Program Files\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [2005-08-05] ()
Task: {0E12083C-0335-49DB-9542-BA1EC6D83ECC} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {18E6D428-D26C-4169-BEDF-3B5BDDC952F6} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-20] (Microsoft Corporation)
Task: {1EC9510D-A439-4950-9399-B6399EDF9EA7} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)
Task: {2124DB73-5EB1-41B1-AE3B-82B1DDEBC3F8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {231B179D-2861-41AB-9108-E3B70FB9C434} - System32\Tasks\snfhstx => C:\Windows\system32\KBDDIV2Z.dll No File
Task: {50A80A7F-3D74-4E1B-87C1-F9CAB07D5028} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {5C2C622F-70E9-4194-A7DA-033E827365AD} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-20] (Microsoft Corporation)
Task: {62E5A3EA-76BE-43A3-8DE3-B3161F351C88} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {8DC9D6DD-1658-4AAE-96DE-93390D757E2F} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-20] (Microsoft Corporation)
Task: {95F9C944-9B55-4641-8C8F-F57F7F0E07B5} - System32\Tasks\{87B535A0-5E3E-4A0D-AF85-32C6AC6D4E25} => c:\program files\internet explorer\iexplore.exe [2013-02-02] (Microsoft Corporation)
Task: {AE3E244D-B7C9-4E11-8FA3-4F7A984425DC} - System32\Tasks\{AFE0D750-5123-42A8-AD43-5A7BBE436463} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {B0DAD6BB-894F-4270-8BFB-D779A8459FD4} - System32\Tasks\{98D2E35D-3098-4A63-8D95-53C4B79815FF} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {BD23920C-6BE5-41BA-8A07-E0C60AE766F4} - System32\Tasks\{0C7702CE-0413-462F-865A-96A9230F4AF3} => C:\Program Files\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [2005-08-05] ()
Task: {CD0224E4-5126-4E81-9576-766E6DB13E3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-30] (Google Inc.)
Task: {D52C9982-74DC-47CC-BEDC-519A703A0995} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-30] (Google Inc.)
Task: {E0E0DE4A-B175-4982-819B-0C5BCCC3FB11} - System32\Tasks\{EE3D48B5-79DF-4BFF-ABD0-24C36906AD56} => C:\Program Files\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe [2005-08-05] ()
Task: {FA03DA9C-884F-4656-9A8F-C948F8152A9C} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\Fritz\Thumbs.db:encryptable
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (11/28/2012 01:16:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 19845 seconds with 1800 seconds of active time. This session ended with a crash.
Error: (06/30/2012 08:47:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6783 seconds with 300 seconds of active time. This session ended with a crash.
Error: (12/01/2011 00:45:19 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5213 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/25/2011 01:11:54 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17675 seconds with 4380 seconds of active time. This session ended with a crash.
Error: (07/10/2011 11:01:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7849 seconds with 3960 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 3071.3 MB
Available physical RAM: 2244.78 MB
Total Pagefile: 6140.89 MB
Available Pagefile: 5244 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.16 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:814.52 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:1.29 GB) NTFS
Drive e: (Sims2EP8) (CDROM) (Total:0.98 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================ |