| jannisjansen | 07.02.2015 14:01 |
Code:
# AdwCleaner v4.110 - Bericht erstellt 07/02/2015 um 12:57:56
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : Jannis - NEWUSER-EJJB0RL
# Gestarted von : C:\Users\Jannis\Downloads\AdwCleaner_4.110.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : pricemeterliveUpdate
[#] Dienst Gelöscht : pricemeterliveUpdatem
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\2308189059
[!] Ordner Gelöscht : C:\ProgramData\PriceMeterLiveUpdate
Ordner Gelöscht : C:\ProgramData\8e67e68130d81da8
[!] Ordner Gelöscht : C:\Program Files\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Program Files\SearchProtect
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\torch
Ordner Gelöscht : C:\Users\Jannis\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Jannis\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\Jannis\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Jannis\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Ordner Gelöscht : C:\Users\Jannis\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ncmikhmcepigcleihlgoaipfdbcdngag
Datei Gelöscht : C:\Windows\system32\SecureAssist.ini
Datei Gelöscht : C:\Windows\system32\SecureAssistOff.ini
Datei Gelöscht : C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default\user.js
***** [ Geplante Tasks ] *****
Task Gelöscht : pricemeterdownloader
Task Gelöscht : PriceMeterLiveUpdateUpdateTaskMachineCore
Task Gelöscht : PriceMeterLiveUpdateUpdateTaskMachineUA
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceMeterLiveUpdate.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\Boost.BoostBho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\Boost.BoostBho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{126C78A0-36E7-4697-A3AB-32706144398B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8D73A258-9787-4AE7-9232-41036673FD0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00A154AE-6C33-4F1E-9057-242350540936}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{126C78A0-36E7-4697-A3AB-32706144398B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41C35ADE-DEDA-439F-8140-D53F2C76C963}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4211E851-747F-4470-923D-6EF683EE79CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{45F8961E-1314-421E-9F00-BDDE18CF8EA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4825ACAD-F495-4CDD-9603-9C91BABB2B88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5B60D1C0-453A-485D-AE91-61FAC9203719}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74930D00-2198-46FE-B6BC-FEEC60C666C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8D73A258-9787-4AE7-9232-41036673FD0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D24562E-40EC-4E46-B57C-700352059B55}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B1F29F0C-2EC8-487B-97C2-8B8FEA6CEF14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C0756D99-64A1-4332-B783-A5A1B571D431}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CF0A778A-DDA0-4492-9804-EF38C9A9F1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1C6444C-CC06-4060-A486-736DEAFD9C16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8746A3A-A372-4C8B-96E5-B58F6474EB19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88C20E16-1EB7-40CE-820C-6CFCB41B1D2F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41634761-D0BA-4C1A-9AC2-04AEE9511370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E860F65C-6645-411C-A662-E12E25FD3A93}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2299856A-6506-42E3-A34F-CD35A47C1B19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKCU\Software\Boost
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Rr Savings
Schlüssel Gelöscht : HKLM\SOFTWARE\Boost
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739027FD-0200-4F32-A9AC-8E4058065C1A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\013AC89AE8CD1D45889FDECE68DF5C58
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13FCB74451B14F755A9489A45D48059A
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3A8D788750C70AA57A73B2319DF554AE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\592A2C0FFC3C7855AA30F38A3C25B7DA
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A426544C5826DA5292547521114EC1F
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CC5ECDC1EDBB7615D81C34F1B6A68589
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D35F7D2F9958FA155AE7953C4A2EE959
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB01B45D33D99A85CB09D2FCEABE5EAC
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF720937002023F49ACAE8048560C5A1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B501B6E56F182443979D1DFA8309BD4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\DF720937002023F49ACAE8048560C5A1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\8B501B6E56F182443979D1DFA8309BD4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\DF720937002023F49ACAE8048560C5A1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\8B501B6E56F182443979D1DFA8309BD4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PriceMeterLiveUpdate.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v35.0.1 (x86 de)
[qptok6q6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MDD72D8D3-DC83-49E3-BF03-9681AFF69CA6&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP77FF2A8B-34C7-44C[...]
[qptok6q6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Trovi search");
[qptok6q6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Trovi search");
[qptok6q6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MDD72D8D3-DC83-49E3-BF03-9681AFF69CA6&SearchSource=55&CUI=&UM=8&UP=SP77FF2A8B-34C7-44C9-9713[...]
-\\ Google Chrome v
-\\ Comodo Dragon v
-\\ Opera v27.0.1689.66
-\\ Chrome Canary v
*************************
AdwCleaner[R0].txt - [16850 Bytes] - [07/02/2015 12:51:10]
AdwCleaner[R1].txt - [16910 Bytes] - [07/02/2015 12:56:08]
AdwCleaner[S0].txt - [16532 Bytes] - [07/02/2015 12:57:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16592 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 18.04.2014 12:07:15, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Starting,
Protection, 18.04.2014 12:07:15, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Started,
Protection, 18.04.2014 12:07:16, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 12:08:32, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Protection, 18.04.2014 12:22:01, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Starting,
Protection, 18.04.2014 12:22:01, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Started,
Protection, 18.04.2014 12:22:01, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 12:22:29, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Update, 18.04.2014 12:38:30, SYSTEM, NEWUSER-EJJB0RL, Scheduler, Malware Database, 2014.4.17.7, 2014.4.18.3,
Protection, 18.04.2014 12:38:33, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Starting,
Protection, 18.04.2014 12:38:33, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopping,
Protection, 18.04.2014 12:38:34, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopped,
Protection, 18.04.2014 12:38:57, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Success,
Protection, 18.04.2014 12:38:57, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 12:38:58, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Update, 18.04.2014 15:16:38, SYSTEM, NEWUSER-EJJB0RL, Scheduler, Malware Database, 2014.4.18.3, 2014.4.18.4,
Protection, 18.04.2014 15:16:41, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Starting,
Protection, 18.04.2014 15:16:41, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopping,
Protection, 18.04.2014 15:16:42, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopped,
Protection, 18.04.2014 15:17:10, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Success,
Protection, 18.04.2014 15:17:10, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 15:17:11, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Update, 18.04.2014 16:04:44, SYSTEM, NEWUSER-EJJB0RL, Scheduler, Malware Database, 2014.4.18.4, 2014.4.18.5,
Protection, 18.04.2014 16:04:46, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Starting,
Protection, 18.04.2014 16:04:46, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopping,
Protection, 18.04.2014 16:04:47, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopped,
Protection, 18.04.2014 16:05:18, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Success,
Protection, 18.04.2014 16:05:18, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 16:05:19, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Update, 18.04.2014 16:58:46, SYSTEM, NEWUSER-EJJB0RL, Scheduler, Malware Database, 2014.4.18.5, 2014.4.18.6,
Protection, 18.04.2014 16:58:48, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Starting,
Protection, 18.04.2014 16:58:48, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopping,
Protection, 18.04.2014 16:58:50, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopped,
Protection, 18.04.2014 16:59:18, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Success,
Protection, 18.04.2014 16:59:18, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 16:59:19, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Protection, 18.04.2014 17:37:13, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Starting,
Protection, 18.04.2014 17:37:13, SYSTEM, NEWUSER-EJJB0RL, Protection, Malware Protection, Started,
Protection, 18.04.2014 17:37:13, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 17:37:35, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
Update, 18.04.2014 19:18:35, SYSTEM, NEWUSER-EJJB0RL, Scheduler, Malware Database, 2014.4.18.6, 2014.4.18.7,
Protection, 18.04.2014 19:18:37, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Starting,
Protection, 18.04.2014 19:18:37, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopping,
Protection, 18.04.2014 19:18:40, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Stopped,
Protection, 18.04.2014 19:19:10, SYSTEM, NEWUSER-EJJB0RL, Protection, Refresh, Success,
Protection, 18.04.2014 19:19:10, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Starting,
Protection, 18.04.2014 19:19:13, SYSTEM, NEWUSER-EJJB0RL, Protection, Malicious Website Protection, Started,
(end)
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-02-2015 01
Ran by Jannis (administrator) on NEWUSER-EJJB0RL on 07-02-2015 13:56:59
Running from C:\Users\Jannis\Desktop
Loaded Profiles: Jannis (Available profiles: Jannis)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Elgato Systems) C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
(CSIS Security Group) C:\Program Files\Heimdal\Client\HeimdalAgent.exe
(Dropbox, Inc.) C:\Users\Jannis\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CSIS Security Group) C:\Program Files\Heimdal\Service\HeimdalAgentService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2305288 2014-06-25] (FSPro Labs)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [1904640 2009-04-23] (AVM Berlin)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe [1699912 2010-10-26] (Elgato Systems)
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\...\MountPoints2: {ad467996-c19a-11e3-8db2-00237d49f174} - D:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk
ShortcutTarget: Heimdal.lnk -> C:\Program Files\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
Startup: C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.afb24.com
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.afb24.com
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 09 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 10 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 11 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 12 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\..\Interfaces\{D1CC4EFC-5E29-4A3C-A4EE-F792B6181ACF}: [NameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default\Extensions\abs@avira.com [2015-02-02]
FF Extension: Facebook profile picture revealer - C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default\Extensions\jid1-UvjUdyxSwWa06Q122@jetpack.xpi [2014-11-28]
FF Extension: Adblock Plus - C:\Users\Jannis\AppData\Roaming\Mozilla\Firefox\Profiles\qptok6q6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
Chrome:
=======
CHR Profile: C:\Users\Jannis\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [368640 2009-04-23] (AVM Berlin) [File not signed]
S2 HeimdalSecureDNS; C:\Program Files\Heimdal\HeimdalSecureDNS\DnsService.exe [93344 2014-12-11] (Microsoft)
R2 HeimdalService; C:\Program Files\Heimdal\Service\HeimdalAgentService.exe [133280 2014-12-11] (CSIS Security Group)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 UI Assistant Service; C:\Program Files\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-09-17] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-04-15] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2009-04-23] (AVM Berlin) [File not signed]
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [75816 2012-03-08] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 BFNVis32; C:\Windows\system32\drivers\XenoVx86.sys [129640 2011-01-14] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [150568 2012-02-22] (Broadcom Corporation)
S3 BXOIS; C:\Windows\system32\drivers\bxois.sys [435240 2012-02-22] (Broadcom Corporation)
S3 e36gbus; C:\Windows\system32\drivers\e36gbus.sys [285056 2009-06-30] (MCCI Corporation)
S3 e36gmgmt; C:\Windows\system32\drivers\e36gmgmt.sys [357376 2009-06-30] (MCCI Corporation)
S3 e36wgps; C:\Windows\system32\drivers\e36wgps.sys [82984 2009-07-10] (Ericsson AB)
S3 ecnssndis; C:\Windows\System32\Drivers\wwanuss.sys [10240 2009-09-22] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwanussf.sys [14848 2009-09-22] (Ericsson AB)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [51760 2011-06-03] (FSPro Labs)
S3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [5888 2006-11-01] (FUJITSU LIMITED)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [440832 2009-04-23] (AVM GmbH)
S3 GzTpHid; C:\Windows\system32\drivers\GzTpHid.sys [24576 2006-11-29] (GUNZE)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x32.sys [334096 2012-04-20] (Intel(R) Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X32.sys [69392 2012-04-20] (Intel(R) Corporation)
S3 ioatdma1; C:\Windows\System32\Drivers\qd16032.sys [36552 2009-11-16] (Intel Corporation)
S3 ioatdma2; C:\Windows\System32\Drivers\qd26032.sys [37576 2009-11-16] (Intel Corporation)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-03-26] (MBB Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-07] (Malwarebytes Corporation)
S3 MEI; C:\Windows\system32\drivers\HECI.sys [40832 2009-06-24] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 risdpcie; C:\Windows\system32\drivers\risdpe86.sys [47616 2009-10-28] (REDC)
S3 rixdpcie; C:\Windows\system32\drivers\rixdpe86.sys [38912 2009-09-28] (REDC)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [585920 2010-01-18] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [549952 2010-01-18] (eMPIA Technology, Inc.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
S3 wisdpen; C:\Windows\system32\drivers\wisdpen.sys [30888 2008-03-27] (Wacom Technology)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 13:56 - 2015-02-07 13:58 - 00014775 _____ () C:\Users\Jannis\Desktop\FRST.txt
2015-02-07 13:52 - 2015-02-07 13:52 - 00005028 _____ () C:\Users\Jannis\Desktop\mbam.txt
2015-02-07 13:52 - 2015-02-07 13:52 - 00005028 _____ () C:\mbam.txt
2015-02-07 13:09 - 2015-02-07 13:09 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jannis\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-07 12:47 - 2015-02-07 12:58 - 00000000 ____D () C:\AdwCleaner
2015-02-07 12:47 - 2015-02-07 12:47 - 02112512 _____ () C:\Users\Jannis\Downloads\AdwCleaner_4.110.exe
2015-02-07 12:40 - 2015-02-07 12:40 - 00000000 ____D () C:\Program Files\SEARCH~1
2015-02-05 19:10 - 2015-02-05 19:10 - 00001234 _____ () C:\Users\Jannis\Desktop\Revo Uninstaller.lnk
2015-02-05 19:10 - 2015-02-05 19:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-05 19:09 - 2015-02-05 19:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jannis\Downloads\revosetup95.exe
2015-02-04 21:17 - 2015-02-07 13:57 - 00000000 ____D () C:\FRST
2015-02-04 21:17 - 2015-02-04 21:28 - 00033820 _____ () C:\Users\Jannis\Downloads\FRST.txt
2015-02-04 21:16 - 2015-02-04 21:16 - 02131968 _____ (Farbar) C:\Users\Jannis\Downloads\FRST64.exe
2015-02-04 21:15 - 2015-02-04 21:15 - 01123328 _____ (Farbar) C:\Users\Jannis\Desktop\FRST.exe
2015-02-04 15:52 - 2015-02-04 15:52 - 02347384 _____ (ESET) C:\Users\Jannis\Downloads\esetsmartinstaller_deu.exe
2015-02-04 15:41 - 2015-02-04 15:41 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Jannis\Downloads\tdsskiller.exe
2015-02-04 07:36 - 2015-02-04 07:36 - 00152664 _____ () C:\Windows\Minidump\020415-31184-01.dmp
2015-02-03 09:12 - 2015-02-03 09:12 - 00152664 _____ () C:\Windows\Minidump\020315-20514-01.dmp
2015-02-02 22:11 - 2015-02-03 17:52 - 00000000 ____D () C:\Users\Jannis\AppData\Local\avaxvavya
2015-02-01 18:51 - 2015-02-01 18:51 - 00016840 _____ () C:\Users\Jannis\AppData\Local\recently-used.xbel
2015-02-01 18:33 - 2015-02-01 18:33 - 02685176 _____ () C:\Users\Jannis\Desktop\hoodie3teiler.xcf
2015-01-31 10:11 - 2015-01-31 10:11 - 00152664 _____ () C:\Windows\Minidump\013115-24164-01.dmp
2015-01-30 17:43 - 2015-01-30 17:43 - 00001103 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-28 21:18 - 2015-01-28 21:18 - 01519986 _____ () C:\Users\Jannis\Documents\metall geschwungen 1.xcf
2015-01-27 21:15 - 2015-01-27 21:15 - 00326686 _____ () C:\Users\Jannis\Desktop\mdwldkurz3.wav
2015-01-27 21:15 - 2015-01-27 21:15 - 00326686 _____ () C:\Users\Jannis\Desktop\mdwldkurz2.wav
2015-01-27 21:14 - 2015-01-27 21:14 - 00652350 _____ () C:\Users\Jannis\Desktop\mdwldbass.wav
2015-01-27 21:14 - 2015-01-27 21:14 - 00326686 _____ () C:\Users\Jannis\Desktop\mdwldhoch.wav
2015-01-27 21:13 - 2015-01-27 21:13 - 00978010 _____ () C:\Users\Jannis\Desktop\mdwld5.wav
2015-01-27 21:13 - 2015-01-27 21:13 - 00408102 _____ () C:\Users\Jannis\Desktop\mdwldbass1.wav
2015-01-27 21:12 - 2015-01-27 21:12 - 01303674 _____ () C:\Users\Jannis\Desktop\trippy2.wav
2015-01-27 21:12 - 2015-01-27 21:12 - 01303674 _____ () C:\Users\Jannis\Desktop\mdwld2.wav
2015-01-27 21:11 - 2015-01-27 21:11 - 00652350 _____ () C:\Users\Jannis\Desktop\mdwld 1.wav
2015-01-27 17:55 - 2015-01-27 17:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 00:39 - 2015-01-26 00:39 - 00152664 _____ () C:\Windows\Minidump\012615-19078-01.dmp
2015-01-24 21:00 - 2015-01-24 21:00 - 09032439 _____ () C:\Users\Jannis\Downloads\deep_house_drum_samples.zip
2015-01-22 17:02 - 2015-01-22 17:02 - 00009712 _____ () C:\Users\Jannis\Desktop\hijackthis.log
2015-01-22 16:43 - 2015-01-22 16:43 - 00010321 _____ () C:\Users\Jannis\Downloads\rbaanmeldung.aup
2015-01-22 16:39 - 2015-01-22 16:39 - 01191200 _____ () C:\Users\Jannis\Downloads\HijackThis - CHIP-Installer.exe
2015-01-22 15:57 - 2015-01-22 15:57 - 00000000 ____D () C:\Program Files\FFmpeg for Audacity
2015-01-22 15:56 - 2015-01-22 15:56 - 09957947 _____ ( ) C:\Users\Jannis\Downloads\ffmpeg-win-2.2.2.exe
2015-01-22 15:53 - 2015-01-22 15:53 - 00000000 ____D () C:\Users\Jannis\Downloads\rbaanmeldung_data
2015-01-22 13:44 - 2015-01-22 13:45 - 33813736 _____ () C:\Users\Jannis\Downloads\Figub Brazlevič - Come Get Some(2).wav
2015-01-18 20:48 - 2015-01-20 00:15 - 00002125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-01-18 13:46 - 2015-01-18 13:46 - 00001998 _____ () C:\Users\Jannis\Desktop\FL Studio 11.lnk
2015-01-18 13:46 - 2015-01-18 13:46 - 00000000 ____D () C:\Program Files\VstPlugins
2015-01-18 13:32 - 2015-01-18 13:45 - 00000000 ____D () C:\Program Files\Image-Line
2015-01-18 13:08 - 2015-01-18 13:48 - 00000000 ____D () C:\Users\Jannis\Downloads\FL Studio Producer Edition 11.1.1 (32-64 bit) (Reg R2R) [ChingLiu]
2015-01-18 13:07 - 2015-01-18 13:07 - 00000822 _____ () C:\Users\Jannis\Desktop\µTorrent.lnk
2015-01-18 13:07 - 2015-01-18 13:07 - 00000802 _____ () C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-18 13:05 - 2015-01-18 13:06 - 01678928 _____ (BitTorrent Inc.) C:\Users\Jannis\Downloads\uTorrent.exe
2015-01-18 13:02 - 2015-01-18 20:15 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\uTorrent
2015-01-18 13:01 - 2015-01-18 13:01 - 00015078 _____ () C:\Users\Jannis\Downloads\[kickass.so]fl.studio.producer.edition.11.1.1.32.64.bit.reg.r2r.chingliu.torrent
2015-01-17 14:26 - 2015-01-22 11:57 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Skype
2015-01-17 14:26 - 2015-01-17 14:26 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\Users\Jannis\AppData\Local\Skype
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-17 14:25 - 2015-01-17 14:26 - 00000000 ___RD () C:\Program Files\Skype
2015-01-17 14:25 - 2015-01-17 14:26 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 14:25 - 2015-01-17 14:25 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-01-17 13:27 - 2015-01-17 13:27 - 00000136 _____ () C:\Users\Jannis\Downloads\PASSWORD+for+F15tud1011crack.txt
2015-01-17 13:16 - 2015-01-17 13:16 - 00000000 ____D () C:\Users\Jannis\Documents\Patch-Fl studio 11.1.1
2015-01-16 22:23 - 2015-01-16 22:23 - 00002306 _____ () C:\Users\Jannis\Desktop\Installer.exe.lnk
2015-01-16 22:23 - 2015-01-16 22:23 - 00000000 ____D () C:\Users\Jannis\AppData\Local\Opera Software
2015-01-16 22:22 - 2015-01-16 22:22 - 00001105 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-16 22:22 - 2015-01-16 22:22 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-16 22:22 - 2015-01-16 22:22 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Opera Software
2015-01-16 22:15 - 2015-02-03 17:50 - 00000000 ____D () C:\Program Files\Opera
2015-01-15 20:14 - 2015-01-15 20:39 - 00000000 ____D () C:\Users\Jannis\Documents\VirtualDJ
2015-01-15 20:14 - 2015-01-15 20:14 - 00000920 _____ () C:\Users\Jannis\Desktop\VirtualDJ 8.lnk
2015-01-15 20:14 - 2015-01-15 20:14 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-01-15 20:14 - 2015-01-15 20:14 - 00000000 ____D () C:\Program Files\VirtualDJ
2015-01-14 20:23 - 2015-01-14 20:23 - 01498844 _____ () C:\Users\Jannis\Desktop\Samuel Barber_ Adagio für Streicher_7.wav
2015-01-14 20:21 - 2015-01-14 20:21 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Image-Line
2015-01-14 18:57 - 2015-02-07 13:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 18:57 - 2015-02-05 18:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 18:57 - 2015-02-05 18:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 18:20 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 18:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 18:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:20 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 18:19 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 18:19 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:07 - 2015-01-24 20:31 - 00000000 ____D () C:\Users\Jannis\Downloads\samples
2015-01-13 16:42 - 2015-01-13 16:41 - 01084440 _____ () C:\Users\Jannis\Desktop\zeugnisse.tif
2015-01-13 16:41 - 2015-01-13 16:41 - 01084440 _____ () C:\Users\Jannis\Downloads\001.tif
2015-01-12 21:19 - 2015-01-12 21:19 - 00001108 _____ () C:\Users\Jannis\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2015-01-12 21:19 - 2015-01-12 21:19 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-01-12 21:19 - 2015-01-12 21:19 - 00000000 ____D () C:\Program Files\ASIO4ALL v2
2015-01-12 21:01 - 2015-01-12 21:01 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\TuneUp Software
2015-01-12 21:01 - 2015-01-12 21:01 - 00000000 ____D () C:\Users\Jannis\AppData\Local\TuneUp Software
2015-01-12 20:59 - 2015-01-12 21:21 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-12 20:59 - 2015-01-12 20:59 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-12 20:58 - 2015-01-18 13:46 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-01-12 20:58 - 2015-01-12 20:58 - 00000000 ____D () C:\Users\Jannis\Documents\Image-Line
2015-01-12 20:58 - 2015-01-12 20:58 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2015-01-12 20:57 - 2015-01-12 20:57 - 00000000 ____D () C:\Program Files\DSPRobotics
2015-01-11 22:49 - 2015-01-11 22:49 - 00022852 _____ () C:\Users\Jannis\Downloads\Freddie Joachim - Call Out My Name (Instrumental).aup
2015-01-11 22:49 - 2015-01-11 22:49 - 00013705 _____ () C:\Users\Jannis\Downloads\Freddie Joachim - Better Days.aup
2015-01-11 22:49 - 2015-01-11 22:49 - 00000000 ____D () C:\Users\Jannis\Downloads\Freddie Joachim - Call Out My Name (Instrumental)_data
2015-01-11 22:49 - 2015-01-11 22:49 - 00000000 ____D () C:\Users\Jannis\Downloads\Freddie Joachim - Better Days_data
2015-01-11 19:53 - 2015-01-11 19:53 - 00015859 _____ () C:\Users\Jannis\Downloads\Freddie Joachim - Meditation.aup
2015-01-11 19:53 - 2015-01-11 19:53 - 00000000 ____D () C:\Users\Jannis\Downloads\Freddie Joachim - Meditation_data
2015-01-10 21:41 - 2015-01-10 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-01-10 21:41 - 2015-01-10 21:41 - 00000000 ____D () C:\Program Files\avmwlanstick
2015-01-10 21:31 - 2009-04-23 01:02 - 00480560 ____N (AVM Berlin) C:\Windows\instwcli.dex
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 13:56 - 2009-07-14 05:34 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-07 13:56 - 2009-07-14 05:34 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-07 13:52 - 2014-04-08 12:15 - 01443020 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 13:49 - 2014-08-19 14:46 - 00000000 ___RD () C:\Users\Jannis\Dropbox
2015-02-07 13:49 - 2014-08-19 14:42 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Dropbox
2015-02-07 13:49 - 2014-04-15 23:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-07 13:47 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 13:47 - 2009-07-14 05:39 - 00092101 _____ () C:\Windows\setupact.log
2015-02-07 13:11 - 2014-04-15 23:19 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-07 13:11 - 2014-04-15 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-07 13:11 - 2014-04-15 23:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-07 12:59 - 2010-11-20 22:48 - 00063784 _____ () C:\Windows\PFRO.log
2015-02-07 12:48 - 2014-06-19 14:05 - 00000000 ____D () C:\Program Files\Java
2015-02-04 07:42 - 2014-05-12 11:12 - 00000000 ____D () C:\Users\Jannis\.gimp-2.8
2015-02-04 07:36 - 2014-04-15 20:04 - 216570342 _____ () C:\Windows\MEMORY.DMP
2015-02-04 07:36 - 2014-04-15 20:04 - 00000000 ____D () C:\Windows\Minidump
2015-02-01 18:34 - 2014-05-12 11:22 - 00000000 ____D () C:\Users\Jannis\AppData\Local\gtk-2.0
2015-01-30 17:43 - 2014-08-14 12:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-30 17:43 - 2014-04-15 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-30 17:42 - 2014-04-15 17:44 - 00000000 ____D () C:\Program Files\Avira
2015-01-28 17:21 - 2014-04-15 23:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-27 20:06 - 2015-01-05 15:34 - 00000000 ____D () C:\Users\Jannis\Desktop\Tor Browser
2015-01-24 11:47 - 2009-07-14 05:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-22 16:43 - 2014-05-07 11:33 - 00000000 ____D () C:\Users\Jannis\AppData\Roaming\Audacity
2015-01-20 00:15 - 2014-04-08 12:32 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-01-20 00:15 - 2014-04-08 12:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-01-18 20:28 - 2014-04-16 14:49 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-13 22:07 - 2014-04-11 18:07 - 00000000 ____D () C:\Users\Jannis\AppData\Local\VirtualStore
2015-01-10 21:41 - 2014-04-11 19:00 - 00015999 _____ () C:\Windows\AVMInstall.Log
==================== Files in the root of some directories =======
2015-02-01 18:51 - 2015-02-01 18:51 - 0016840 _____ () C:\Users\Jannis\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Jannis\AppData\Local\Temp\avgnt.exe
C:\Users\Jannis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4znwk4.dll
C:\Users\Jannis\AppData\Local\Temp\Quarantine.exe
C:\Users\Jannis\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-03 01:41
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-02-2015 01
Ran by Jannis at 2015-02-07 13:59:04
Running from C:\Users\Jannis\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\...\uTorrent) (Version: 3.4.2.37951 - BitTorrent Inc.)
1&1 Surf-Stick (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cinergy HTC Stick V5.09.1202.00 (HKLM\...\Cinergy HTC Stick) (Version: 5.09.1202.00 - )
Dropbox (HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Heimdal (HKLM\...\Heimdal) (Version: 1.10.3.686 - CSIS Security Group)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Lockbox 3.3 (HKLM\...\My Lockbox_is1) (Version: 3.3 - )
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 27.0.1689.66 (HKLM\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.17.2 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.64.00.00 - )
VirtualDJ 8 (HKLM\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1237994443-3614625185-4166156757-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jannis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
01-02-2015 16:07:19 Windows Update
05-02-2015 18:43:51 Windows Update
05-02-2015 19:11:54 Revo Uninstaller's restore point - Genesis
05-02-2015 19:17:30 Revo Uninstaller's restore point - Genesis
07-02-2015 12:35:56 Revo Uninstaller's restore point - Search Protect
07-02-2015 12:40:53 Revo Uninstaller's restore point - Search Protect
07-02-2015 12:43:51 Revo Uninstaller's restore point - Supporter 1.80
07-02-2015 12:45:39 Revo Uninstaller's restore point - Java 7 Update 75
07-02-2015 12:46:11 Removed Java 7 Update 75
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {15A1A76F-126E-4F7C-9593-38BAC3ED0170} - System32\Tasks\{41625069-BE63-43E6-ADF6-46A8B4AE0443} => pcalua.exe -a C:\Users\Jannis\AVM_Driver\FWLAN\pushinst.exe -d C:\Users\Jannis\AVM_Driver\FWLAN
Task: {2AB446A7-0D5B-4BC3-9A7B-92174C970EC9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4E8B2627-F10B-41ED-9EB1-4329E945EB57} - System32\Tasks\Opera scheduled Autoupdate 1421443316 => C:\Program Files\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {5108D4FB-7850-4C1E-98F5-0B58EAE4C8E1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5622B6B4-EC9A-492B-B5A3-F1E7CAC5D1B2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {66E9E0AD-5B15-4403-AE03-D08E550A4B07} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7164971B-1ABE-4F24-AFD6-4FF34FA30DA1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A8487A7D-7F3C-40E7-A131-84C6C720600D} - System32\Tasks\{7B57AABF-19BF-4160-B14E-208B3CDB732C} => pcalua.exe -a C:\Users\Jannis\AVM_Driver\FWLAN\setup.exe -d C:\Users\Jannis\AVM_Driver\FWLAN
Task: {AAE476B3-F207-4FE0-BC53-0AF028014B74} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B002AC5C-EC94-4EF8-9461-296C3AC2973E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B3220F84-09B2-421C-825D-765D150F9134} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {B76956CD-BCA0-401E-839C-9EECAEB951B7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {C9AE05D3-B996-47D0-B81D-0619F4333B9C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {F157EE8A-7C38-43CE-B9C8-41008FEB0FD4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2014-04-16 14:49 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-16 14:49 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Jannis\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-07 13:48 - 2015-02-07 13:48 - 00043008 _____ () c:\users\jannis\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4znwk4.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Jannis\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Jannis\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Jannis\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-04-16 14:49 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-16 14:49 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-16 14:49 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-27 17:56 - 2015-01-27 17:56 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1237994443-3614625185-4166156757-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jannis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1237994443-3614625185-4166156757-500 - Administrator - Disabled)
Gast (S-1-5-21-1237994443-3614625185-4166156757-501 - Limited - Disabled)
Jannis (S-1-5-21-1237994443-3614625185-4166156757-1000 - Administrator - Enabled) => C:\Users\Jannis
==================== Faulty Device Manager Devices =============
Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/07/2015 01:48:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 01:01:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Name des fehlerhaften Moduls: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007d28a
ID des fehlerhaften Prozesses: 0xd74
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Error: (02/07/2015 01:01:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 01:01:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbc0
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Error: (02/07/2015 00:35:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {ab104cfe-bcc8-4e6e-805e-ffaefc2cd478}
Error: (02/07/2015 00:31:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Name des fehlerhaften Moduls: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007d28a
ID des fehlerhaften Prozesses: 0xd18
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Error: (02/07/2015 00:30:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 00:30:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xb14
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Error: (02/07/2015 00:02:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Name des fehlerhaften Moduls: mbamservice.exe, Version: 2.1.9.0, Zeitstempel: 0x530619b7
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007d28a
ID des fehlerhaften Prozesses: 0x470
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Error: (02/07/2015 00:02:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/07/2015 01:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Heimdal Secure DNS Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/07/2015 01:48:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Heimdal Secure DNS Service erreicht.
Error: (02/07/2015 01:02:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/07/2015 01:01:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/07/2015 01:01:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.
Error: (02/07/2015 01:01:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/07/2015 01:01:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
Error: (02/07/2015 01:00:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Heimdal Secure DNS Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/07/2015 01:00:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Heimdal Secure DNS Service erreicht.
Error: (02/07/2015 00:59:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office Sessions:
=========================
Error: (02/07/2015 01:48:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 01:01:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28ad7401d042cdc72489ceC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe0e4f98b7-aec1-11e4-86c1-001f3f0b26d8
Error: (02/07/2015 01:01:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 01:01:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdbc001d042cdb9a8fe81C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll044e28ff-aec1-11e4-86c1-001f3f0b26d8
Error: (02/07/2015 00:35:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {ab104cfe-bcc8-4e6e-805e-ffaefc2cd478}
Error: (02/07/2015 00:31:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28ad1801d042c980ced490C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.execffb3d34-aebc-11e4-9e55-001f3f0b26d8
Error: (02/07/2015 00:30:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/07/2015 00:30:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdb1401d042c97174ad9bC:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dllbd1b13c8-aebc-11e4-9e55-00237d49f174
Error: (02/07/2015 00:02:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28a47001d04260e6ba060aC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe2dd209f1-ae54-11e4-969d-001f3f0b26d8
Error: (02/07/2015 00:02:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-08-23 16:09:30.567
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-23 15:53:57.028
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-23 14:21:49.346
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-23 12:47:41.169
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 23:37:35.058
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 16:48:16.102
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 14:01:58.550
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 13:44:33.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 12:58:40.945
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 12:52:49.280
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 54%
Total physical RAM: 1977.32 MB
Available physical RAM: 892.67 MB
Total Pagefile: 3954.63 MB
Available Pagefile: 2342.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.05 MB
==================== Drives ================================
Drive c: (Windows7) (Fixed) (Total:141.24 GB) (Free:51.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 51664085)
Partition 1: (Active) - (Size=7.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=141.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
AdwCleaner auf deinen Desktop.