Hi Schrauber,
danke das Du mir hilfst.
Hier die Logs:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Männi (administrator) on MAENNI-PC on 03-09-2014 11:10:16
Running from C:\Users\Männi\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\Hp\QuickPlay\Kernel\TV\QPCapSvc.exe
(CyberLink Corp.) C:\Program Files\Hp\QuickPlay\QPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\WINDOWS\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\WINDOWS\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [181544 2007-09-30] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2007-08-17] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-02] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [455968 2007-08-23] (Hewlett-Packard Company)
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\MountPoints2: {050ffd09-4f4c-11e1-883b-001e101fb681} - G:\AutoRun.exe
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\MountPoints2: {3d4818f5-4f15-11e1-8b7d-001e101f50a4} - G:\AutoRun.exe
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\MountPoints2: {4ae01f2e-4d14-11e1-bfa0-001a73e4a985} - G:\AutoRun.exe
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\MountPoints2: {4ae01f40-4d14-11e1-bfa0-001e101fb45e} - G:\AutoRun.exe
HKU\S-1-5-21-1328458002-1274361104-3696180445-1000\...\MountPoints2: {67b17f7e-c694-11e0-84dd-806e6f6e6963} - F:\AUTORUN.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
FireFox:
========
FF ProfilePath: C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\searchplugins\computer-bild-suche.xml
FF SearchPlugin: C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-13]
FF Extension: WOT - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-28]
FF Extension: everygain Translator - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\ck@everygain.com.xpi [2012-01-30]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-11-12]
FF Extension: Save Session - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\savesession@noasobi.net.xpi [2011-08-18]
FF Extension: Adblock Plus - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-14]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Männi\AppData\Roaming\Mozilla\Firefox\Profiles\6i0k917q.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2011-12-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-14]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Männi\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx []
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-25]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-25] (AVAST Software)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [457248 2008-12-18] ()
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [191008 2008-12-18] ()
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-09-30] ()
S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-09-30] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-25] ()
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-25] ()
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-09-03] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U4 eabfiltr; No ImagePath
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-03 11:10 - 2014-09-03 11:10 - 00018511 _____ () C:\Users\Männi\Desktop\FRST.txt
2014-09-03 11:10 - 2014-09-03 11:10 - 00000000 ____D () C:\FRST
2014-09-03 11:07 - 2014-09-03 11:07 - 01096704 _____ (Farbar) C:\Users\Männi\Desktop\FRST.exe
2014-09-03 09:13 - 2014-09-03 09:13 - 00001756 _____ () C:\Users\Männi\Desktop\mbm-03.09.14.txt
2014-09-02 17:00 - 2014-09-02 17:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-02 15:22 - 2014-09-03 07:45 - 00031871 _____ () C:\ProgramData\nvModes.dat
2014-09-02 15:22 - 2014-09-03 07:45 - 00031871 _____ () C:\ProgramData\nvModes.001
2014-09-02 15:22 - 2014-09-02 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-02 14:26 - 2014-09-02 14:26 - 00000000 ____D () C:\Users\Männi\AppData\Local\NVIDIA
2014-09-02 14:25 - 2014-09-02 14:25 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-09-02 14:22 - 2014-09-02 14:34 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-02 14:19 - 2014-09-02 15:22 - 00000000 ____D () C:\Users\Männi\{7602f033-9cc1-4d1f-b599-102ba00da4f0}
2014-09-02 14:03 - 2014-09-02 14:03 - 00000000 ____D () C:\NVIDIA
2014-09-02 13:24 - 2014-07-25 08:46 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-02 13:23 - 2014-07-25 08:46 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-02 13:23 - 2014-07-25 08:46 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-02 13:22 - 2014-09-02 13:26 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-09-02 11:55 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-02 11:55 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-02 11:55 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-02 11:55 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-02 11:46 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-02 11:46 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-02 11:38 - 2014-09-02 11:38 - 00000981 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-02 11:38 - 2014-09-02 11:38 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-02 11:27 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-02 11:27 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-02 11:27 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-02 11:27 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-02 11:27 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-02 11:26 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-02 11:26 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-02 11:26 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-02 11:26 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-02 11:26 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-02 11:26 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-02 11:26 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-02 11:26 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-02 11:26 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-02 11:26 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-02 11:26 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-02 11:26 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-02 11:25 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-02 11:25 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-02 11:25 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-02 11:25 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-02 11:25 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-02 11:25 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-02 11:25 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-02 11:25 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-02 11:25 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-02 11:25 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-02 11:25 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-02 11:25 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-01 21:24 - 2014-02-25 10:56 - 00002533 _____ () C:\Users\Männi\insertbar8.xml
2014-09-01 20:18 - 2014-09-01 20:38 - 06507517 _____ () C:\Users\Männi\Desktop\Sender-Antenne.odt
2014-09-01 11:29 - 2014-09-01 20:13 - 00000000 ____D () C:\Users\Männi\AppData\Local\SearchProtect
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-03 11:10 - 2014-09-03 11:10 - 00018511 _____ () C:\Users\Männi\Desktop\FRST.txt
2014-09-03 11:10 - 2014-09-03 11:10 - 00000000 ____D () C:\FRST
2014-09-03 11:07 - 2014-09-03 11:07 - 01096704 _____ (Farbar) C:\Users\Männi\Desktop\FRST.exe
2014-09-03 11:05 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 11:05 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 11:02 - 2012-07-06 14:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 09:13 - 2014-09-03 09:13 - 00001756 _____ () C:\Users\Männi\Desktop\mbm-03.09.14.txt
2014-09-03 08:38 - 2014-03-31 11:36 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 07:58 - 2007-12-24 22:37 - 01956182 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:49 - 2013-05-14 09:39 - 00000386 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-09-03 07:47 - 2013-05-14 09:39 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-09-03 07:47 - 2007-12-24 22:53 - 00000163 _____ () C:\Users\Public\Documents\hpqp.ini
2014-09-03 07:45 - 2014-09-02 15:22 - 00031871 _____ () C:\ProgramData\nvModes.dat
2014-09-03 07:45 - 2014-09-02 15:22 - 00031871 _____ () C:\ProgramData\nvModes.001
2014-09-03 07:45 - 2014-07-25 15:57 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-09-03 07:45 - 2012-07-06 14:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-03 07:45 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-02 20:14 - 2006-11-02 15:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-02 17:01 - 2014-09-02 17:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-02 16:32 - 2011-10-16 10:27 - 00001356 _____ () C:\Users\Männi\AppData\Local\d3d9caps.dat
2014-09-02 15:28 - 2014-09-02 15:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-02 15:22 - 2014-09-02 14:19 - 00000000 ____D () C:\Users\Männi\{7602f033-9cc1-4d1f-b599-102ba00da4f0}
2014-09-02 15:22 - 2011-08-14 17:50 - 00000000 ____D () C:\Users\Männi
2014-09-02 15:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-02 15:21 - 2011-08-14 18:04 - 00000000 ____D () C:\Users\Männi\AppData\Local\QuickPlay
2014-09-02 15:21 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-09-02 15:21 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-09-02 15:21 - 2006-11-02 12:22 - 50855936 _____ () C:\Windows\system32\config\components_previous
2014-09-02 15:21 - 2006-11-02 12:22 - 46923776 _____ () C:\Windows\system32\config\software_previous
2014-09-02 15:21 - 2006-11-02 12:22 - 31981568 _____ () C:\Windows\system32\config\system_previous
2014-09-02 15:21 - 2006-11-02 12:22 - 05505024 _____ () C:\Windows\system32\config\default_previous
2014-09-02 15:21 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-09-02 15:21 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-09-02 14:47 - 2007-10-26 18:31 - 00353196 _____ () C:\Windows\PFRO.log
2014-09-02 14:34 - 2014-09-02 14:22 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-02 14:34 - 2013-05-14 10:34 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-02 14:26 - 2014-09-02 14:26 - 00000000 ____D () C:\Users\Männi\AppData\Local\NVIDIA
2014-09-02 14:25 - 2014-09-02 14:25 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-09-02 14:25 - 2013-05-14 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-02 14:03 - 2014-09-02 14:03 - 00000000 ____D () C:\NVIDIA
2014-09-02 13:28 - 2007-10-26 19:28 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-09-02 13:26 - 2014-09-02 13:22 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-09-02 13:12 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-09-02 13:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-02 12:38 - 2006-11-02 12:33 - 01566310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-02 12:35 - 2013-10-02 10:34 - 00080720 _____ () C:\Users\Männi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-02 12:08 - 2006-11-02 14:47 - 00335200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-02 12:03 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-02 12:01 - 2013-07-21 11:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-02 11:58 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-02 11:39 - 2014-06-13 14:32 - 00009744 _____ () C:\Windows\SecuniaPackage.log
2014-09-02 11:38 - 2014-09-02 11:38 - 00000981 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-02 11:38 - 2014-09-02 11:38 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-02 11:38 - 2013-08-08 21:29 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-09-02 11:30 - 2013-04-23 13:23 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-02 11:24 - 2012-07-06 14:37 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-02 11:24 - 2011-08-14 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-02 11:16 - 2013-12-12 22:14 - 00001835 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-02 10:55 - 2013-09-18 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-02 10:55 - 2011-08-26 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-02 10:55 - 2011-08-21 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-09-02 10:55 - 2011-08-14 19:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-02 10:55 - 2006-11-02 14:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 20:38 - 2014-09-01 20:18 - 06507517 _____ () C:\Users\Männi\Desktop\Sender-Antenne.odt
2014-09-01 20:13 - 2014-09-01 11:29 - 00000000 ____D () C:\Users\Männi\AppData\Local\SearchProtect
2014-09-01 07:28 - 2013-05-14 10:47 - 00003184 _____ () C:\Windows\setupact.log
2014-08-31 22:12 - 2013-09-18 18:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-31 22:11 - 2013-03-13 17:29 - 00000000 ____D () C:\Program Files\Java
2014-08-31 20:58 - 2013-09-10 20:44 - 00000821 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-31 20:54 - 2012-01-30 20:25 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-08-31 20:42 - 2011-08-15 19:40 - 00000000 ____D () C:\Users\Männi\AppData\Roaming\HpUpdate
2014-08-25 06:53 - 2011-08-15 21:47 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 03:03 - 2014-09-02 11:46 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-09-02 11:46 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
Some content of TEMP:
====================
C:\Users\Männi\AppData\Local\Temp\jre-8u20-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-03 08:02
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014
Ran by Männi at 2014-09-03 11:11:11
Running from C:\Users\Männi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\{15AE611F-5A40-4BD0-9291-1C6856BDB9A4}) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\{16E20D9D-E7E2-4951-A944-6FFC40870AD4}) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.150.22.0 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
COMPUTERBILD-Abzockschutz (HKLM\...\{AB592087-78A7-424D-A81F-98A922942F73}) (Version: 1.0.52 - J3S)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.1002 - CyberLink Corp.) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
ESU for Microsoft Vista (HKLM\...\{9BA6E8AF-2122-4825-9B55-98BC351E3C94}) (Version: 2.0.10.1 - Hewlett-Packard)
Google+ Auto Backup (HKLM\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: - )
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}) (Version: 1.5.1 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 D2 (HKLM\...\{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}) (Version: 1.0.9 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0088 (HKLM\...\{8347A7A5-4AB8-433F-82AA-496B0D189A9B}) (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
IncrediMail (Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (Version: 2.8.20.26 - Oracle Corporation) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
LightScribe System Software 1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0 (x86 de) (HKLM\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSCU for Microsoft Vista (HKLM\...\{3D356AA9-2D0C-4373-A762-B42F1A289233}) (Version: 1.0.1.9 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.6796 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 1.00.6796 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3327 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2129 - CyberLink Corp.)
PowerDirector (Version: 6.5.2129 - CyberLink Corp.) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickPlay SlingPlayer 0.4.4 (HKLM\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.4 - SlingMedia)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.13.00.05 - RICOH)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Secure Eraser (HKLM\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
SlimDrivers (HKLM\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Swing GZSZ (HKLM\...\Swing GZSZ) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Deployment Tools (HKLM\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-06-2014 12:26:50 Windows Update
13-06-2014 12:36:26 Windows Update
13-06-2014 13:42:18 Installed Java 8 Update 5
25-07-2014 06:42:35 avast! antivirus system restore point
25-07-2014 06:43:21 Windows Update
25-07-2014 07:18:50 Windows Update
31-08-2014 18:49:11 Windows Update
31-08-2014 18:59:15 Windows Update
01-09-2014 17:53:14 Revo Uninstaller's restore point - Search Protect
02-09-2014 08:44:07 icredimail
02-09-2014 08:45:47 Wiederherstellungsvorgang
02-09-2014 09:45:15 Windows Update
02-09-2014 11:43:34 SlimDrivers Installing Drivers
02-09-2014 12:20:41 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
02-09-2014 13:17:13 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2014-09-02 11:35 - 00450689 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0727D384-0561-48E5-A670-85FDA2E99706} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {36F045E6-8E33-40A1-82F1-CC62108513F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-25] (AVAST Software)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {52B6D92E-9CB5-4BAA-89CC-1B59FB664F42} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {5905B529-409A-4927-B164-C95EFAB7E128} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {6F66ADFB-DE20-46F8-859E-41F1351617D5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {90794A0D-BC8B-4BFC-A09D-FDE3EB95C980} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {A669214A-2DE2-4190-8AB8-2BC891E7F082} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {BE2ECE0F-E419-416D-83FD-6C5D8466E0C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-02] (Adobe Systems Incorporated)
Task: {BE3FC4A9-93A5-4D4D-9559-C3D1A624641E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {CCB33123-040E-4A3A-8CB7-AF64E87A4138} - System32\Tasks\{E6A45C5C-3014-4907-9AD9-7BC375279425} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {CF862239-7043-4CBF-B574-FF92D6318519} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Männi => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2011-08-15] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) =============
2011-08-14 19:32 - 2014-07-25 08:51 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 10:27 - 2014-09-03 10:27 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2007-12-24 22:52 - 2007-09-30 20:34 - 00271760 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2007-12-24 22:52 - 2007-09-30 20:34 - 00255384 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2013-10-20 14:33 - 2014-07-25 08:52 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-06-16 10:52 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-25 15:56 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-06-16 10:52 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2007-07-12 13:55 - 2007-07-12 13:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 15:43 - 2007-08-14 15:43 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2007-10-26 19:11 - 2007-01-09 12:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2014-07-25 15:56 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-25 15:56 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2008-12-18 12:05 - 2008-12-18 12:05 - 00457248 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2008-12-18 12:04 - 2008-12-18 12:04 - 00109088 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2008-12-18 12:05 - 2008-12-18 12:05 - 00191008 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2013-10-20 21:47 - 2013-10-20 21:47 - 00033128 _____ () C:\PROGRAM FILES\INCREDIMAIL\BIN\IMHttpComm.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00072104 _____ () C:\PROGRAM FILES\INCREDIMAIL\BIN\wlessfp1.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00272808 _____ () C:\PROGRAM FILES\INCREDIMAIL\BIN\ImLookExU.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\PROGRAM FILES\INCREDIMAIL\BIN\pmc.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00033128 _____ () C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00072104 _____ () C:\Program Files\IncrediMail\Bin\wlessfp1.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00272808 _____ () C:\Program Files\IncrediMail\Bin\ImLookExU.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00080296 _____ () C:\Program Files\IncrediMail\bin\ImAppRU.dll
2013-10-20 21:47 - 2013-10-20 21:47 - 00133544 _____ () C:\Program Files\IncrediMail\Bin\ImComUtlU.dll
2014-09-02 17:00 - 2014-09-02 17:00 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-08-31 20:56 - 2014-08-31 20:56 - 17048240 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2014 08:38:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0x1608, Anwendungsstartzeit mbam.exe0.
Error: (09/03/2014 08:34:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0x1450, Anwendungsstartzeit mbam.exe0.
Error: (09/03/2014 08:07:31 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6I0K917Q.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 07:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xdc4, Anwendungsstartzeit mbam.exe0.
Error: (09/02/2014 04:34:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVOPENCL32.DLL> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 04:34:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVOPENCL32.DLL> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVCPLSETUPINT.EXE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVCPLSETUPINT.EXE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVPCIFLT.SYS> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVPCIFLT.SYS> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (09/03/2014 07:53:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
Error: (09/03/2014 07:47:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%1070
Error: (09/03/2014 07:47:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: QuickPlay Background Capture Service (QBCS)
Error: (09/03/2014 07:46:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (09/02/2014 04:34:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%1070
Error: (09/02/2014 04:34:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: QuickPlay Background Capture Service (QBCS)
Error: (09/02/2014 04:33:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (09/02/2014 03:29:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: HP Health Check Service%%1053
Error: (09/02/2014 03:29:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000HP Health Check Service
Error: (09/02/2014 03:24:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%1070
Microsoft Office Sessions:
=========================
Error: (09/03/2014 08:38:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd160801cfc74121da1fc6
Error: (09/03/2014 08:34:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd145001cfc73d0490b4a6
Error: (09/03/2014 08:07:31 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6I0K917Q.DEFAULT\SAFEBROWSING-TO_DELETE
Error: (09/02/2014 07:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fddc401cfc6c21d85565d
Error: (09/02/2014 04:34:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVOPENCL32.DLL
Error: (09/02/2014 04:34:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVOPENCL32.DLL
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVCPLSETUPINT.EXE
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVCPLSETUPINT.EXE
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVPCIFLT.SYS
Error: (09/02/2014 04:34:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\MÄNNI\{7602F033-9CC1-4D1F-B599-102BA00DA4F0}\NVPCIFLT.SYS
CodeIntegrity Errors:
===================================
Date: 2014-09-03 08:56:39.356
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:38.744
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:38.144
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:37.548
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:36.675
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:36.019
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:35.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:56:34.808
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:50:30.958
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 08:50:30.367
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-64
Percentage of memory in use: 69%
Total physical RAM: 2814.05 MB
Available physical RAM: 863.22 MB
Total Pagefile: 5854.51 MB
Available Pagefile: 3681.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.29 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:137.55 GB) (Free:72.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:149.05 GB) (Free:111.4 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:11.5 GB) (Free:2.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (gzsz_funpack) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 19BF5A6A)
Partition 1: (Active) - (Size=137.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BAB9AB7E)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |