Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky PURE 3.0
Antivirus up to date! (On Access scanning
disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader XI
Mozilla Firefox (34.0.5)
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky PURE 3.0 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Franz at 2014-12-23 05:44:39
Running from C:\Users\Franz \Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky PURE 3.0 (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ARCHline.XP 2012 12.0.1.450 (HKLM-x32\...\{526F8F65-6A69-4683-AA88-42BB3321C622}_is1) (Version: - IT-Concept Software GmbH)
Benutzerhandbuch EPSON WF-7525 Series (HKLM-x32\...\EPSON WF-7525 Series Useg) (Version: - )
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.70.0000 - EPSON)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-7525 Series Printer Uninstall (HKLM\...\EPSON WF-7525 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Garmin Express (HKLM-x32\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HSB-Fenster V1.8 Hocoplast Austria (HKLM-x32\...\HSBFensterH1.8AT_is1) (Version: - IDAS GmbH)
Intel(R) Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 4.1.0.1046 - Intel Corporation)
ITC Items II 2.0.2011.0 (HKLM-x32\...\{3EF75973-8824-4E9D-BBDC-88AD4CDA9043}_is1) (Version: - IT-Concept Software GmbH)
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MFCDLL Shared Library - Retail Version (x32 Version: 6.0.8665.0 - Unknown) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\MyFreeCodec) (Version: - )
Netzwerkhandbuch EPSON WF-7525 Series (HKLM-x32\...\EPSON WF-7525 Series Netg) (Version: - )
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Opera 1.0.1040) (Version: 1.0.1040 - Opera Software ASA)
Opera Stable 26.0.1656.32 (HKLM-x32\...\Opera 26.0.1656.32) (Version: 26.0.1656.32 - Opera Software ASA)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Schachermayer Warenkorb 2.7 (HKLM-x32\...\ST6UNST #1) (Version: - )
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Software Updater (HKLM-x32\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC User ATL71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-12-2014 11:03:31 Windows-Sicherung
09-12-2014 07:28:49 Windows Update
11-12-2014 09:08:43 Windows Update
15-12-2014 11:39:53 Windows-Sicherung
16-12-2014 09:32:21 Windows Update
18-12-2014 08:52:49 Windows Update
20-12-2014 12:49:47 Wiederherstellungsvorgang
20-12-2014 12:59:18 Windows Update
20-12-2014 20:37:25 Windows Update
21-12-2014 19:00:29 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {614D4B26-5F7B-41DB-8BB1-1D75954809A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.)
Task: {64FC8BD3-A656-4E4A-8FF7-1BF2DA8556EE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-10-21] ()
Task: {A1A49F0E-0299-481F-9437-6D52C33A22DF} - System32\Tasks\Opera scheduled Autoupdate 1416314036 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {AB0C26B9-B545-478B-97FA-31A9EBE2F6B4} - System32\Tasks\{42935CC0-7730-4F0A-B55F-24EA9FD2CDDC} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B4096647-CA27-446A-B4B4-866428744D28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {C9DF13B8-8F4F-4F84-A7CD-A2F6EE6FDD9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.)
Task: {F2C391A8-B508-4DAC-ABEA-12D6DA45C537} - System32\Tasks\{6D39F169-AAF5-4D58-973C-74B23C0A6A77} => pcalua.exe -a E:\Setup_64.exe -d E:\
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-11-12 17:28 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-12-14 10:11 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-14 10:11 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-14 10:11 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-14 10:11 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-12 17:57 - 2014-11-12 17:57 - 00020480 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\3e76857867a0d24857cfa272b019ec7d\PSIClient.ni.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-289083667-4207831305-1456943011-500 - Administrator - Disabled)
Franz (S-1-5-21-289083667-4207831305-1456943011-1001 - Administrator - Enabled) => C:\Users\Franz
Gast (S-1-5-21-289083667-4207831305-1456943011-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-289083667-4207831305-1456943011-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2014 05:32:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/23/2014 01:08:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/23/2014 01:08:08 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (12/23/2014 01:07:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (12/22/2014 04:41:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/22/2014 04:40:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/22/2014 00:08:05 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (12/22/2014 00:07:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (12/22/2014 10:28:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2014 07:08:40 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Eine der Sicherungsdateien konnte nicht erstellt werden. (0x8078002A)"
System errors:
=============
Error: (12/22/2014 10:26:32 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber PCI hat eine ungültige ID für das untergeordnete Gerät (FFFFFFFFFFFFFFFF00) zurückgegeben.
Error: (12/21/2014 10:29:27 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-12-23 01:08:55.837
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-23 01:08:55.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-22 12:08:54.597
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E5-1620 v2 @ 3.70GHz
Percentage of memory in use: 23%
Total physical RAM: 16347.12 MB
Available physical RAM: 12531.7 MB
Total Pagefile: 32692.41 MB
Available Pagefile: 29224.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:148.2 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1694.8 GB) NTFS
Drive k: (INTENSO) (Fixed) (Total:931.28 GB) (Free:424.45 GB) FAT32
Drive m: (Hitachi) (Fixed) (Total:2794.51 GB) (Free:1193.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 6B625971)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0185435F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
========================================================
Disk: 8 (Size: 931.5 GB) (Disk ID: 34BFE9AB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)
==================== End Of Log ============================
--- --- ---
FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Franz (administrator) on FRANZ -PC on 23-12-2014 05:44:19
Running from C:\Users\Franz \Downloads
Loaded Profile: Franz (Available profiles: Franz )
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHDE.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Spotify Ltd) C:\Users\Franz \AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [294896 2014-06-13] (Intel Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Run: [GoogleChromeAutoLaunch_FDAFADA679E5F48E307A21E45132BA17] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE [241280 2014-11-19] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-10-21] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\Run: [Spotify Web Helper] => C:\Users\Franz \AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-21] (Spotify Ltd)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\...\RunOnce: [Adobe Speed Launcher] => 1419240428
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-289083667-4207831305-1456943011-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 213.33.99.70
FireFox:
========
FF ProfilePath: C:\Users\Franz \AppData\Roaming\Mozilla\Firefox\Profiles\kxpli8r7.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Franz \AppData\Roaming\Mozilla\Firefox\Profiles\kxpli8r7.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Users\Franz \AppData\Roaming\Mozilla\Firefox\Profiles\kxpli8r7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-05]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-11-18]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Google Docs) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-18]
CHR Extension: (Google Drive) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-18]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2014-11-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-18]
CHR Extension: (James White) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-12-16]
CHR Extension: (YouTube) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-18]
CHR Extension: (Google-Suche) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-18]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-18]
CHR Extension: (Google Tabellen) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (CHIP Online) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2014-11-18]
CHR Extension: (Wetter Europa) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjjeekgglojebicfpgmiaeaadnhfaol [2014-11-18]
CHR Extension: (Stoppuhr / Timer) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2014-11-18]
CHR Extension: (IP-Adresse) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-11-18]
CHR Extension: (Rechner) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-11-18]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2014-11-18]
CHR Extension: (Google Maps) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-11-18]
CHR Extension: (Kaspersky Protection) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-11-18]
CHR Extension: (Google Mail-Checker) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-11-18]
CHR Extension: (Google Wallet) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-11-18]
CHR Extension: (Google Mail) - C:\Users\Franz \AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [662592 2014-07-23] (SEIKO EPSON CORPORATION)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28144 2014-06-13] (Intel Corporation)
R0 iaStorS; C:\Windows\System32\DRIVERS\iaStorS.sys [658416 2014-06-13] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-11-18] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-11-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-11-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-11-18] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-11-18] ()
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 05:44 - 2014-12-23 05:44 - 00022030 _____ () C:\Users\Franz \Downloads\FRST.txt
2014-12-23 05:41 - 2014-12-23 05:41 - 00000897 _____ () C:\Users\Franz \Desktop\checkup.txt
2014-12-23 05:34 - 2014-12-23 05:34 - 00852505 _____ () C:\Users\Franz \Downloads\SecurityCheck.exe
2014-12-23 05:31 - 2014-12-23 05:31 - 00002819 _____ () C:\Users\Franz \Desktop\eset.txt
2014-12-22 16:40 - 2014-12-22 16:40 - 02347384 _____ (ESET) C:\Users\Franz \Downloads\esetsmartinstaller_deu.exe
2014-12-21 09:46 - 2014-12-21 09:47 - 00000699 _____ () C:\Users\Franz \Desktop\JRT.txt
2014-12-21 09:42 - 2014-12-21 09:42 - 01707646 _____ (Thisisu) C:\Users\Franz \Downloads\JRT.exe
2014-12-21 09:42 - 2014-12-21 09:42 - 00000000 ____D () C:\Windows\ERUNT
2014-12-21 09:36 - 2014-12-21 09:47 - 00001202 _____ () C:\Users\Franz \Desktop\mbam.txt
2014-12-20 13:02 - 2014-12-23 05:44 - 00000000 ____D () C:\FRST
2014-12-20 13:01 - 2014-12-20 13:01 - 02122240 _____ (Farbar) C:\Users\Franz \Downloads\FRST64.exe
2014-12-20 12:59 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-20 12:59 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 12:54 - 2014-12-23 03:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-20 12:54 - 2014-12-20 12:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-20 12:54 - 2014-12-20 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-20 12:54 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-20 12:54 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-20 12:54 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-20 12:53 - 2014-12-20 12:53 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Franz \Downloads\mbam-setup-2.0.4.1028.exe
2014-12-20 12:53 - 2014-12-20 12:53 - 02166272 _____ () C:\Users\Franz \Downloads\AdwCleaner_4.105.exe
2014-12-19 15:28 - 2014-12-20 12:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-19 15:28 - 2014-12-19 15:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-17 14:07 - 2014-12-17 14:07 - 00000000 ____D () C:\Users\Franz \AppData\Local\Macromedia
2014-12-17 13:02 - 2014-12-21 09:47 - 00011356 _____ () C:\Users\Franz \Desktop\AdwCleaner[S1].txt
2014-12-17 12:57 - 2014-12-21 09:41 - 00000000 ____D () C:\AdwCleaner
2014-12-16 13:06 - 2014-12-16 13:06 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-11 09:09 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 09:09 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 09:09 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 09:09 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 09:09 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 09:09 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 09:09 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 09:09 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 09:09 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 09:09 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 09:08 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 09:08 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 09:08 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 09:08 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 09:08 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 09:08 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 09:08 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 09:08 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 09:08 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 09:08 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 09:08 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 09:08 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 09:08 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 09:08 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 09:08 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 09:08 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 09:08 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 09:08 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 09:08 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 09:08 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 09:08 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 09:08 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 09:08 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 09:08 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 09:08 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 09:08 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 09:08 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 09:08 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 09:08 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 09:08 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 09:08 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 09:08 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 09:08 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 09:08 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 09:08 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 09:08 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 09:08 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 09:08 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 09:08 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 09:08 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 09:08 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 09:08 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 09:08 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 09:08 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 09:08 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 09:08 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 09:08 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 09:08 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 09:08 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 09:08 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 09:08 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 09:08 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 09:08 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 09:08 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 09:08 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 09:08 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 09:08 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 09:07 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 09:07 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 09:07 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 09:07 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 09:07 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 09:07 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 09:07 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 09:07 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 09:07 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 09:07 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 09:07 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 09:07 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 09:07 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 09:07 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 14:02 - 2014-12-09 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-28 12:30 - 2014-11-28 12:30 - 00001495 _____ () C:\Users\Franz \Desktop\SCH-Kataloge.lnk
2014-11-28 12:29 - 2014-11-28 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schachermayer Warenkorb
2014-11-28 12:29 - 2014-11-28 12:30 - 00000000 ____D () C:\glink
2014-11-28 12:29 - 2014-11-28 12:29 - 00368640 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-11-28 12:29 - 2014-11-28 12:29 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-11-28 12:23 - 2014-11-28 12:23 - 00229376 ____R (D.E.A.R.) C:\Windows\7FE1B8E1908011d4B33000001A112984.exe
2014-11-28 11:52 - 2014-11-28 12:29 - 00000000 ____D () C:\SCH-KATALOGE
2014-11-28 11:52 - 2014-11-28 11:52 - 00003058 _____ () C:\Windows\System32\Tasks\{42935CC0-7730-4F0A-B55F-24EA9FD2CDDC}
2014-11-24 08:49 - 2014-11-24 08:50 - 16533603 _____ () C:\Users\Franz \Downloads\KA_dwg.zip
2014-11-23 20:53 - 2014-11-23 20:57 - 14400270 _____ () C:\Users\Franz \Downloads\DS_Badewannen (1).zip
2014-11-23 20:53 - 2014-11-23 20:55 - 14400270 _____ () C:\Users\Franz \Downloads\DS_Badewannen.zip
2014-11-23 20:53 - 2014-11-23 20:55 - 08974626 _____ () C:\Users\Franz \Downloads\DS_Duschwaende.zip
2014-11-23 20:53 - 2014-11-23 20:53 - 01410661 _____ () C:\Users\Franz \Downloads\DS_Duschwannen.zip
2014-11-23 20:52 - 2014-11-23 21:04 - 57739706 _____ () C:\Users\Franz \Downloads\DU_cad.zip
2014-11-23 20:39 - 2014-11-23 20:41 - 14008516 _____ (IT-Concept Software GmbH ) C:\Users\Franz \Downloads\ITCItemsIISetup (1).exe
2014-11-23 19:10 - 2014-11-23 19:10 - 00000000 ____D () C:\Users\Franz \AppData\Roaming\Google
2014-11-23 19:09 - 2014-11-23 19:10 - 08028952 _____ () C:\Users\Franz \Desktop\dressed_Table.skp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 05:28 - 2014-11-20 12:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 05:10 - 2014-11-18 17:05 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 04:40 - 2014-11-12 16:32 - 01557727 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 04:29 - 2014-11-18 12:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-22 17:10 - 2014-11-18 17:05 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 14:28 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-22 10:48 - 2014-11-21 13:37 - 00000000 ____D () C:\Users\Franz \AppData\Roaming\Spotify
2014-12-22 10:41 - 2011-04-12 08:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat
2014-12-22 10:41 - 2011-04-12 08:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat
2014-12-22 10:41 - 2009-07-14 06:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-22 10:39 - 2014-11-21 13:38 - 00000000 ____D () C:\Users\Franz \AppData\Local\Spotify
2014-12-22 10:33 - 2009-07-14 05:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 10:33 - 2009-07-14 05:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 10:26 - 2014-11-12 17:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-22 10:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 10:26 - 2009-07-14 05:51 - 00066954 _____ () C:\Windows\setupact.log
2014-12-21 10:28 - 2014-11-19 10:20 - 00000000 ____D () C:\ProgramData\EPSON
2014-12-20 13:01 - 2014-11-18 13:33 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416314036
2014-12-20 13:01 - 2014-11-18 13:33 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-20 12:56 - 2010-11-21 04:47 - 00018150 _____ () C:\Windows\PFRO.log
2014-12-20 12:51 - 2014-11-12 16:31 - 00000000 ____D () C:\Users\Franz
2014-12-20 12:50 - 2014-11-18 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-20 12:50 - 2014-11-12 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-20 12:50 - 2014-11-12 17:28 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-20 12:50 - 2014-11-12 17:24 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-20 12:50 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-12-20 12:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-20 12:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-17 14:06 - 2014-11-18 13:17 - 00000000 ____D () C:\Users\Franz \AppData\Local\Adobe
2014-12-14 10:11 - 2014-11-18 17:06 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 17:03 - 2014-11-19 11:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 14:17 - 2014-11-18 17:53 - 00000000 ____D () C:\Users\Franz \Documents\ARCHline.XP 2012 Projekte
2014-12-11 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 09:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 09:11 - 2014-11-18 15:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 09:11 - 2014-11-10 16:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 09:10 - 2014-11-10 16:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 12:28 - 2014-11-20 12:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 12:28 - 2014-11-20 12:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 12:28 - 2014-11-20 12:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 18:24 - 2014-11-19 09:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 11:59 - 2014-11-12 16:31 - 00000000 ____D () C:\Users\Franz \AppData\Roaming\Adobe
2014-11-28 12:29 - 2014-03-31 22:46 - 01077344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 20:41 - 2014-11-21 19:43 - 00001035 _____ () C:\Users\Public\Desktop\ITC Items II.lnk
2014-11-23 20:41 - 2014-11-21 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITC Items II
2014-11-23 20:41 - 2014-11-21 19:43 - 00000000 ____D () C:\Program Files (x86)\ITC Items II
Some content of TEMP:
====================
C:\Users\Franz \AppData\Local\Temp\EPCPSetup.EXE
C:\Users\Franz \AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Franz \AppData\Local\Temp\nvStInst.exe
C:\Users\Franz \AppData\Local\Temp\ose00000.exe
C:\Users\Franz \AppData\Local\Temp\Quarantine.exe
C:\Users\Franz \AppData\Local\Temp\sqlite3.dll
C:\Users\Franz \AppData\Local\Temp\YourFileDownloaderGcoNZWbUqB.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 12:40
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e91630634f71ce4a8431af583bceb697
# engine=21668
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-22 11:46:23
# local_time=2014-12-23 12:46:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky PURE 3.0'
# compatibility_mode=1289 16777213 100 99 55178 110702851 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 218816 170921833 0 0
# scanned=975724
# found=19
# cleaned=0
# scan_time=28892
sh=3705A508A98B68DFDCF3AE2A675E813886F92BF9 ft=1 fh=a746711c3dea4da0 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Franz \AppData\Local\Temp\2B4lPleRM9.tmp"
sh=3705A508A98B68DFDCF3AE2A675E813886F92BF9 ft=1 fh=a746711c3dea4da0 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Franz \AppData\Local\Temp\4qFCEQwxP5.tmp"
sh=3705A508A98B68DFDCF3AE2A675E813886F92BF9 ft=1 fh=a746711c3dea4da0 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Franz \AppData\Local\Temp\YourFileDownloaderGcoNZWbUqB.exe"
sh=81D3BC5422CD7CEEA7B97D67DFF8775696DBEFE3 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.BQ evtl. unerwünschte Anwendung" ac=I fn="K:\ERAZER\Backup Set 2014-08-02 110235\Backup Files 2014-08-02 110235\Backup files 38.zip"
sh=2A2DE9C79B997068DFD35A7040797F0C8DE7D6AB ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.I evtl. unerwünschte Anwendung" ac=I fn="K:\ERAZER\Backup Set 2014-08-02 110235\Backup Files 2014-08-02 110235\Backup files 39.zip"
sh=5A01055EC3C8F46B94DAFA1476768115CB343D43 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.BQ evtl. unerwünschte Anwendung" ac=I fn="K:\ERAZER\Backup Set 2014-09-28 125019\Backup Files 2014-09-28 125019\Backup files 39.zip"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="K:\Franz\AppData\Local\Google\Chrome\Solo_292015\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="K:\Franz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="K:\Franz\AppData\Roaming\BabSolution\Shared\enhancedNT.dll"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\PerfLogs\AppData\Local\Google\Chrome\Solo_292015\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\PerfLogs\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\Users\Franz\AppData\Local\Google\Chrome\Solo_292015\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=881207164169FA011225791F61E47D02A203B422 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\Users\Franz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoeoilliikemaoebhegdiljnccebgal\1\516ed1a1a35c13.74427837.js"
sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="M:\Users\Franz\AppData\Roaming\BabSolution\Shared\enhancedNT.dll"
sh=9E066125AD5CA9472345A9AD683ECC1E4814DDFC ft=0 fh=0000000000000000 vn="Win32/Packed.ScrambleWrapper.D evtl. unerwünschte Anwendung" ac=I fn="M:\XW-4600\Backup Set 2014-05-25 190004\Backup Files 2014-05-25 190004\Backup files 30.zip"
sh=E4C4C1F20A2B72099929E40174AE1DB75404BCB4 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\XW-4600\Backup Set 2014-05-25 190004\Backup Files 2014-05-25 190004\Backup files 32.zip"
sh=4258DA56014687839CF2D5E1C1D8A25F4DF13CDC ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="M:\XW-4600\Backup Set 2014-05-25 190004\Backup Files 2014-05-25 190004\Backup files 33.zip"
sh=2445C73E16DF5318776259834F5E799A3FE88A8E ft=0 fh=0000000000000000 vn="Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="M:\XW-4600\Backup Set 2014-05-25 190004\Backup Files 2014-05-25 190004\Backup files 4.zip"
sh=0E6CD4F1A3DBBD6414A065D9640A88D03888F05B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="M:\XW-4600\Backup Set 2014-05-25 190004\Backup Files 2014-05-25 190004\Backup files 45.zip"
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
