Simi1961 | 23.05.2015 10:15 | Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 23.05.2015
Suchlauf-Zeit: 07:42:28
Logdatei: mbamlog.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.05.22.06
Rootkit Datenbank: v2015.05.16.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: G72B20SG
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387676
Verstrichene Zeit: 36 Min, 59 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)
Registrierungswerte: 0
(Keine schädliche Elemente gefunden)
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 5
PUP.Optional.MindSpark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\MapsGalaxy_39, , [515db5e1197137ffe62a0cd00cf7bd43],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\chrome, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\META-INF, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\plugins, , [edc195018efc6accebb32b39bc4a5ca4],
Dateien: 10
PUP.Optional.MindSpark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\MapsGalaxy_39\17F643A5-B8F4-44CC-88E8-18084E9C4CA2.sqlite, , [515db5e1197137ffe62a0cd00cf7bd43],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\install.rdf, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\bootstrap.js, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\chrome.manifest, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\install_old.rdf, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\chrome\39ffxtbr.jar, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\META-INF\manifest.mf, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\META-INF\zigbert.rsa, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\META-INF\zigbert.sf, , [edc195018efc6accebb32b39bc4a5ca4],
PUP.Optional.Mindspark.A, C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\39ffxtbr@www.mapsgalaxy.com\plugins\NativeMessagingDispatcher.dll, , [edc195018efc6accebb32b39bc4a5ca4],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end) Code:
# AdwCleaner v4.205 - Bericht erstellt 23/05/2015 um 08:49:56
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : G72B20SG - G72B20SG-HP
# Gestarted von : C:\Users\G72B20SG\Desktop\AdwCleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\39ffxtbr@www.mapsgalaxy.com
Datei Gelöscht : C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v38.0.1 (x86 de)
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.BUTTON_STRUCTURE", "[{\"b\":224610910,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224610911,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.browser.version.last", "38.0");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.firstKnownVersion", "7.13.6.54581");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=17F643A5-B8F4-44CC-88E8-18084E9C4CA2&n=781b40ec&p2=^UX^xpt568^LADEDE^de&si=245051_DDM-DE-Main");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.initialized", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installKeysSource", "Cookies");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installType", "XPI");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", "");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2015052012");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "^UX^xpt568^LADEDE^de");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "245051_DDM-DE-Main");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.pixelUrl", "hxxp://www.mapsgalaxy.com/install_pixels.jhtml?partner=^UX^xpt568^LADEDE^de&sub_id=245051_DDM-DE-Main&coId=b480b0d9ca954a25[...]
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.success", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "17F643A5-B8F4-44CC-88E8-18084E9C4CA2");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.isCompliantUninstallImplementation", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1432360154772");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.lastKnownVersion", "7.13.6.54581");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.partnerPixelFired", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.successUrl", "hxxp://www.mapsgalaxy.com/installComplete.jhtml");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.toolbarCollapsed", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");
-\\ Google Chrome v43.0.2357.65
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [2438 Bytes] - [26/09/2014 14:37:17]
AdwCleaner[R10].txt - [2845 Bytes] - [25/11/2014 11:03:29]
AdwCleaner[R11].txt - [2194 Bytes] - [21/12/2014 14:50:43]
AdwCleaner[R12].txt - [2321 Bytes] - [04/04/2015 16:33:09]
AdwCleaner[R13].txt - [2488 Bytes] - [29/04/2015 13:26:24]
AdwCleaner[R14].txt - [2452 Bytes] - [05/05/2015 11:13:37]
AdwCleaner[R15].txt - [2572 Bytes] - [05/05/2015 17:52:22]
AdwCleaner[R16].txt - [2692 Bytes] - [08/05/2015 18:28:00]
AdwCleaner[R17].txt - [6826 Bytes] - [23/05/2015 08:48:07]
AdwCleaner[R1].txt - [1093 Bytes] - [29/09/2014 13:05:11]
AdwCleaner[R2].txt - [1153 Bytes] - [29/09/2014 13:29:55]
AdwCleaner[R3].txt - [1258 Bytes] - [01/10/2014 13:50:41]
AdwCleaner[R4].txt - [1379 Bytes] - [02/10/2014 12:31:14]
AdwCleaner[R5].txt - [1499 Bytes] - [07/10/2014 08:19:52]
AdwCleaner[R6].txt - [1619 Bytes] - [10/10/2014 13:03:47]
AdwCleaner[R7].txt - [1696 Bytes] - [14/10/2014 11:41:27]
AdwCleaner[R8].txt - [1696 Bytes] - [14/10/2014 12:50:54]
AdwCleaner[R9].txt - [1816 Bytes] - [16/10/2014 16:29:37]
AdwCleaner[S0].txt - [2382 Bytes] - [26/09/2014 14:49:39]
AdwCleaner[S10].txt - [2257 Bytes] - [21/12/2014 14:52:45]
AdwCleaner[S11].txt - [2381 Bytes] - [04/04/2015 16:34:31]
AdwCleaner[S12].txt - [2467 Bytes] - [29/04/2015 13:29:16]
AdwCleaner[S13].txt - [2512 Bytes] - [05/05/2015 11:15:56]
AdwCleaner[S14].txt - [2632 Bytes] - [05/05/2015 17:56:46]
AdwCleaner[S15].txt - [2752 Bytes] - [08/05/2015 18:29:22]
AdwCleaner[S16].txt - [6439 Bytes] - [23/05/2015 08:49:56]
AdwCleaner[S1].txt - [1215 Bytes] - [29/09/2014 13:31:45]
AdwCleaner[S2].txt - [1320 Bytes] - [01/10/2014 13:53:00]
AdwCleaner[S3].txt - [1440 Bytes] - [02/10/2014 12:34:23]
AdwCleaner[S4].txt - [1560 Bytes] - [07/10/2014 08:21:22]
AdwCleaner[S5].txt - [1680 Bytes] - [10/10/2014 13:05:37]
AdwCleaner[S6].txt - [1749 Bytes] - [14/10/2014 11:43:48]
AdwCleaner[S7].txt - [1749 Bytes] - [14/10/2014 12:53:05]
AdwCleaner[S8].txt - [1869 Bytes] - [16/10/2014 16:38:09]
AdwCleaner[S9].txt - [2737 Bytes] - [25/11/2014 11:06:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S16].txt - [7030 Bytes] ########## Code:
# AdwCleaner v4.205 - Bericht erstellt 23/05/2015 um 08:49:56
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : G72B20SG - G72B20SG-HP
# Gestarted von : C:\Users\G72B20SG\Desktop\AdwCleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\39ffxtbr@www.mapsgalaxy.com
Datei Gelöscht : C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v38.0.1 (x86 de)
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.BUTTON_STRUCTURE", "[{\"b\":224610910,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224610911,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.browser.version.last", "38.0");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.firstKnownVersion", "7.13.6.54581");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=17F643A5-B8F4-44CC-88E8-18084E9C4CA2&n=781b40ec&p2=^UX^xpt568^LADEDE^de&si=245051_DDM-DE-Main");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.initialized", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installKeysSource", "Cookies");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installType", "XPI");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", "");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2015052012");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "^UX^xpt568^LADEDE^de");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "245051_DDM-DE-Main");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.pixelUrl", "hxxp://www.mapsgalaxy.com/install_pixels.jhtml?partner=^UX^xpt568^LADEDE^de&sub_id=245051_DDM-DE-Main&coId=b480b0d9ca954a25[...]
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.success", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "17F643A5-B8F4-44CC-88E8-18084E9C4CA2");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.isCompliantUninstallImplementation", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1432360154772");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.lastKnownVersion", "7.13.6.54581");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", false);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.partnerPixelFired", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.successUrl", "hxxp://www.mapsgalaxy.com/installComplete.jhtml");
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._39Members_.toolbarCollapsed", true);
[5tw0gy5k.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");
-\\ Google Chrome v43.0.2357.65
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [2438 Bytes] - [26/09/2014 14:37:17]
AdwCleaner[R10].txt - [2845 Bytes] - [25/11/2014 11:03:29]
AdwCleaner[R11].txt - [2194 Bytes] - [21/12/2014 14:50:43]
AdwCleaner[R12].txt - [2321 Bytes] - [04/04/2015 16:33:09]
AdwCleaner[R13].txt - [2488 Bytes] - [29/04/2015 13:26:24]
AdwCleaner[R14].txt - [2452 Bytes] - [05/05/2015 11:13:37]
AdwCleaner[R15].txt - [2572 Bytes] - [05/05/2015 17:52:22]
AdwCleaner[R16].txt - [2692 Bytes] - [08/05/2015 18:28:00]
AdwCleaner[R17].txt - [6826 Bytes] - [23/05/2015 08:48:07]
AdwCleaner[R1].txt - [1093 Bytes] - [29/09/2014 13:05:11]
AdwCleaner[R2].txt - [1153 Bytes] - [29/09/2014 13:29:55]
AdwCleaner[R3].txt - [1258 Bytes] - [01/10/2014 13:50:41]
AdwCleaner[R4].txt - [1379 Bytes] - [02/10/2014 12:31:14]
AdwCleaner[R5].txt - [1499 Bytes] - [07/10/2014 08:19:52]
AdwCleaner[R6].txt - [1619 Bytes] - [10/10/2014 13:03:47]
AdwCleaner[R7].txt - [1696 Bytes] - [14/10/2014 11:41:27]
AdwCleaner[R8].txt - [1696 Bytes] - [14/10/2014 12:50:54]
AdwCleaner[R9].txt - [1816 Bytes] - [16/10/2014 16:29:37]
AdwCleaner[S0].txt - [2382 Bytes] - [26/09/2014 14:49:39]
AdwCleaner[S10].txt - [2257 Bytes] - [21/12/2014 14:52:45]
AdwCleaner[S11].txt - [2381 Bytes] - [04/04/2015 16:34:31]
AdwCleaner[S12].txt - [2467 Bytes] - [29/04/2015 13:29:16]
AdwCleaner[S13].txt - [2512 Bytes] - [05/05/2015 11:15:56]
AdwCleaner[S14].txt - [2632 Bytes] - [05/05/2015 17:56:46]
AdwCleaner[S15].txt - [2752 Bytes] - [08/05/2015 18:29:22]
AdwCleaner[S16].txt - [6439 Bytes] - [23/05/2015 08:49:56]
AdwCleaner[S1].txt - [1215 Bytes] - [29/09/2014 13:31:45]
AdwCleaner[S2].txt - [1320 Bytes] - [01/10/2014 13:53:00]
AdwCleaner[S3].txt - [1440 Bytes] - [02/10/2014 12:34:23]
AdwCleaner[S4].txt - [1560 Bytes] - [07/10/2014 08:21:22]
AdwCleaner[S5].txt - [1680 Bytes] - [10/10/2014 13:05:37]
AdwCleaner[S6].txt - [1749 Bytes] - [14/10/2014 11:43:48]
AdwCleaner[S7].txt - [1749 Bytes] - [14/10/2014 12:53:05]
AdwCleaner[S8].txt - [1869 Bytes] - [16/10/2014 16:38:09]
AdwCleaner[S9].txt - [2737 Bytes] - [25/11/2014 11:06:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S16].txt - [7030 Bytes] ########## Entschuldigung für den Doppelpost,aber irgendwie spinnt der Antwortenbutton bei mir. Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.7 (05.23.2015:1)
OS: Windows 7 Home Premium x64
Ran by G72B20SG on 23.05.2015 at 9:02:13,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (G72B20SG)
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Update
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho112E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho232D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2F2B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4867.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4F02.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho56B1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5CB.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6869.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6D47.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho91BA.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9493.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho95DB.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho96C4.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA436.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA5AD.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCFFF.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD587.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEBA4.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoECB.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF36B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF54C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF6A.tmp
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\G72B20SG\AppData\Roaming\mozilla\firefox\profiles\5tw0gy5k.default\prefs.js
user_pref(extensions.iobitascsurfingprotection@iobit.com.install-event-fired, true);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\G72B20SG\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5tw0gy5k.defa
Emptied folder: C:\Users\G72B20SG\AppData\Roaming\mozilla\firefox\profiles\5tw0gy5k.default\minidumps [4 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\G72B20SG\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.05.2015 at 9:11:49,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by G72B20SG (administrator) on G72B20SG-HP on 23-05-2015 09:19:26
Running from C:\Users\G72B20SG\Desktop
Loaded Profiles: G72B20SG (Available Profiles: G72B20SG)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [161304 2010-06-22] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [386584 2010-06-22] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [414744 2010-06-22] (Intel Corporation)
HKLM-x32\...\Run: [autoclk] => C:\Windows\autoclk.exe [176128 2006-02-15] ()
HKLM-x32\...\Run: [adiras] => C:\Windows\adiras.exe [143360 2006-02-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-19] (Avast Software s.r.o.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Run: [REVAService] => C:\Program Files (x86)\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe [23040 2008-10-12] (LG Electronics)
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Policies\system: [DisableLockWorkstation] 1
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Policies\system: [DisableChangePassword] 1
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-19] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {6518AD9C-83FA-4B03-9C60-37177ED1BDCA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {71B1211B-9353-4059-A415-93E2AEC42415} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {6518AD9C-83FA-4B03-9C60-37177ED1BDCA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {71B1211B-9353-4059-A415-93E2AEC42415} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000 -> {6518AD9C-83FA-4B03-9C60-37177ED1BDCA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000 -> {71B1211B-9353-4059-A415-93E2AEC42415} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-20] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-19] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-19] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-19] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-17] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.189.1
FireFox:
========
FF ProfilePath: C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-09-19] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\searchplugins\google-images.xml [2014-06-28]
FF SearchPlugin: C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\searchplugins\google-maps.xml [2014-06-28]
FF SearchPlugin: C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\searchplugins\search_engine.xml [2014-09-16]
FF Extension: Avira Browser Safety - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\abs@avira.com [2015-04-27]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-20]
FF Extension: HP Detect - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-09-18]
FF Extension: Cliqz Beta - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\cliqz@cliqz.com.xpi [2014-06-30]
FF Extension: Adblock Plus - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31]
FF HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\G72B20SG\AppData\Roaming\Mozilla\Firefox\Profiles\5tw0gy5k.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-19]
CHR Extension: (Google Docs) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Google Drive) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (Google Search) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Google Sheets) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-19]
CHR Extension: (Avira Browser Safety) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-19]
CHR Extension: (Bookmark Manager) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-19]
CHR Extension: (Avast Online Security) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
CHR Extension: (Gmail) - C:\Users\G72B20SG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-19] (Avast Software s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) []
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-07-02] ()
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) []
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [295128 2015-05-20] (Realtek Semiconductor)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-17] (Realtek Semiconductor Corp.) []
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-19] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-19] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-19] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-19] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-19] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-19] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-19] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-19] ()
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-05-06] (AVM Berlin)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-10-25] (BlueStack Systems)
S1 DeskLock; C:\Windows\System32\drivers\DeskLock.sys [17920 2009-03-28] (TopLang Software) []
S3 esgiguard; No ImagePath
S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [112896 2010-03-18] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.) []
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-20] (REALiX(tm))
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-20] (Synaptics Incorporated)
S3 StMp3Recx64; C:\Windows\System32\Drivers\StMp3Recx64.sys [26112 2007-01-12] (Generic)
S3 UsbEvdomAtc; C:\Windows\System32\DRIVERS\lgevdom64atc.sys [27136 2008-08-26] (LG Electronics Inc.)
S3 usbevdombus; C:\Windows\System32\DRIVERS\lgevdom64bus.sys [18432 2008-08-26] (LG Electronics Inc.)
S3 UsbEvdomDiag; C:\Windows\System32\DRIVERS\lgevdom64diag.sys [27136 2008-08-26] (LG Electronics Inc.)
S3 USBEVDOmModem; C:\Windows\System32\DRIVERS\lgevdom64modem.sys [29696 2008-08-26] (LG Electronics Inc.)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:19 - 2015-05-23 09:19 - 00000000 ____D () C:\Users\G72B20SG\Desktop\FRST-OlderVersion
2015-05-23 09:11 - 2015-05-23 09:11 - 00002887 _____ () C:\Users\G72B20SG\Desktop\JRT.txt
2015-05-23 09:01 - 2015-05-23 09:02 - 00001481 _____ () C:\Users\G72B20SG\Desktop\JRT(1) - Verknüpfung.lnk
2015-05-23 09:01 - 2015-05-23 09:01 - 02721010 _____ (Thisisu) C:\Users\G72B20SG\Downloads\JRT(1).exe
2015-05-23 08:47 - 2015-05-23 08:47 - 02222592 _____ () C:\Users\G72B20SG\Desktop\AdwCleaner_4.205.exe
2015-05-22 17:56 - 2015-05-22 17:56 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-05-22 17:56 - 2015-05-22 17:56 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2015-05-22 17:54 - 2015-03-16 16:38 - 01713824 _____ (techPowerUp (www.techpowerup.com)) C:\Users\G72B20SG\Desktop\GPU-Z.0.8.2.exe
2015-05-22 10:15 - 2015-05-22 10:15 - 00032339 _____ () C:\ComboFix.txt
2015-05-22 10:04 - 2015-05-23 07:34 - 00001048 _____ () C:\Windows\PFRO.log
2015-05-22 09:44 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-22 09:44 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-22 09:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-22 09:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-22 09:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-22 09:44 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-22 09:44 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-22 09:44 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-22 09:40 - 2015-05-22 10:16 - 00000000 ____D () C:\Qoobox
2015-05-22 09:39 - 2015-05-22 10:12 - 00000000 ____D () C:\Windows\erdnt
2015-05-22 09:38 - 2015-05-22 09:38 - 00001501 _____ () C:\Users\G72B20SG\Desktop\ComboFix - Verknüpfung.lnk
2015-05-22 09:37 - 2015-05-22 09:37 - 05627500 ____R (Swearware) C:\Users\G72B20SG\Downloads\ComboFix.exe
2015-05-21 07:48 - 2015-05-21 07:49 - 00045348 _____ () C:\Users\G72B20SG\Desktop\Addition.txt
2015-05-21 07:47 - 2015-05-23 09:19 - 00022768 _____ () C:\Users\G72B20SG\Desktop\FRST.txt
2015-05-21 07:46 - 2015-05-23 09:19 - 00000000 ____D () C:\FRST
2015-05-21 07:41 - 2015-05-23 09:19 - 02108416 _____ (Farbar) C:\Users\G72B20SG\Desktop\FRST64.exe
2015-05-21 07:38 - 2015-05-21 07:38 - 00000478 _____ () C:\Users\G72B20SG\Desktop\defogger_disable.log
2015-05-21 07:35 - 2015-05-21 07:35 - 00050477 _____ () C:\Users\G72B20SG\Desktop\Defogger.exe
2015-05-21 05:54 - 2015-05-23 08:52 - 00000448 _____ () C:\Windows\setupact.log
2015-05-21 05:54 - 2015-05-21 05:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 04:59 - 2015-05-21 04:59 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-21 04:59 - 2015-05-21 04:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-20 16:27 - 2015-05-20 16:27 - 00001260 _____ () C:\Users\G72B20SG\Desktop\Startup Manager.lnk
2015-05-20 16:10 - 2015-05-20 16:10 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-05-20 16:10 - 2015-05-20 16:10 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-05-20 16:02 - 2015-05-20 16:03 - 11750864 _____ (IObit ) C:\Users\G72B20SG\Downloads\driver_booster_setup.exe
2015-05-20 15:42 - 2015-05-20 15:42 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-20 15:42 - 2015-05-20 15:42 - 04467928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-20 15:42 - 2015-05-20 15:42 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 02846424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-20 15:42 - 2015-05-20 15:42 - 02014958 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-20 15:42 - 2015-05-20 15:42 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-05-20 15:42 - 2015-05-20 15:42 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-20 15:41 - 2015-05-20 15:41 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-05-20 15:41 - 2015-05-20 15:41 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-05-20 15:26 - 2015-05-20 15:26 - 77824000 _____ () C:\Windows\system32\config\software.iobit
2015-05-20 15:26 - 2015-05-20 15:26 - 55185408 _____ () C:\Windows\system32\config\components.iobit
2015-05-20 15:26 - 2015-05-20 15:26 - 00884736 _____ () C:\Windows\system32\config\default.iobit
2015-05-20 15:26 - 2015-05-20 15:26 - 00061440 _____ () C:\Windows\system32\config\sam.iobit
2015-05-20 15:26 - 2015-05-20 15:26 - 00032768 _____ () C:\Windows\system32\config\security.iobit
2015-05-20 15:19 - 2015-05-21 07:25 - 00002039 _____ () C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2015-05-20 15:17 - 2015-05-19 19:41 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-20 15:12 - 2015-05-20 15:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-20 15:11 - 2015-05-20 15:11 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-20 15:11 - 2015-05-20 15:11 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-20 15:09 - 2015-05-20 15:09 - 04749008 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2015-05-20 15:09 - 2015-05-20 15:09 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-05-20 15:09 - 2015-05-20 15:09 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-05-20 15:09 - 2015-05-20 15:09 - 00096560 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-05-20 15:03 - 2015-05-20 15:03 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\ProductData
2015-05-20 15:02 - 2015-05-20 17:24 - 00002916 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_G72B20SG
2015-05-20 15:02 - 2015-05-20 16:28 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-20 15:02 - 2015-05-20 16:12 - 00002110 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-05-20 15:02 - 2015-05-20 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-05-20 15:02 - 2015-05-20 15:02 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-05-20 15:02 - 2015-05-20 15:02 - 00003196 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2015-05-20 15:02 - 2015-05-20 15:02 - 00001192 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-05-20 15:02 - 2015-05-20 15:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-05-20 15:01 - 2015-05-23 07:35 - 00002145 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-05-20 15:01 - 2015-05-20 16:28 - 00000000 ____D () C:\ProgramData\IObit
2015-05-20 15:01 - 2015-05-20 15:02 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\IObit
2015-05-20 15:01 - 2015-05-20 15:02 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-05-20 15:01 - 2015-05-20 15:01 - 00002884 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_G72B20SG
2015-05-20 15:01 - 2015-05-20 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-05-20 15:01 - 2015-05-20 15:01 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-20 14:39 - 2015-05-21 07:54 - 00000000 ____D () C:\Users\G72B20SG\Desktop\Verknüpfungen
2015-05-20 14:21 - 2015-05-20 14:21 - 00000000 ____D () C:\Users\G72B20SG\AppData\Local\TeamViewer
2015-05-20 14:20 - 2015-05-20 14:20 - 00001007 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-20 14:20 - 2015-05-20 14:20 - 00000995 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-20 14:17 - 2015-05-20 14:18 - 08047992 _____ (TeamViewer GmbH) C:\Users\G72B20SG\Downloads\TeamViewer_Setup_de.exe
2015-05-19 19:59 - 2015-05-19 19:58 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-19 19:56 - 2015-05-19 19:56 - 00561248 _____ (Oracle Corporation) C:\Users\G72B20SG\Downloads\jxpiinstall.exe
2015-05-19 19:45 - 2015-05-20 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-19 19:41 - 2015-05-19 19:41 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-19 19:33 - 2015-05-19 19:41 - 00000000 ____D () C:\Program Files (x86)\FarmVille Trainer
2015-05-19 19:31 - 2015-05-19 19:31 - 00356272 _____ (Dropbox, Inc.) C:\Users\G72B20SG\Downloads\DropboxInstaller.exe
2015-05-19 11:49 - 2015-05-19 11:49 - 00000000 ____D () C:\Intel
2015-05-19 06:47 - 2015-05-22 19:11 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-19 06:47 - 2015-05-19 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-19 06:46 - 2015-05-23 08:57 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 06:46 - 2015-05-23 08:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-19 06:46 - 2015-05-19 06:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 06:46 - 2015-05-19 06:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 06:45 - 2015-05-19 06:45 - 00880208 _____ (Google Inc.) C:\Users\G72B20SG\Downloads\ChromeSetup.exe
2015-05-16 06:29 - 2015-05-16 06:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 20:28 - 2015-05-13 20:28 - 00002802 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-13 20:28 - 2015-05-13 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-13 20:28 - 2015-05-13 20:28 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-13 20:25 - 2015-05-13 20:25 - 06480808 _____ (Piriform Ltd) C:\Users\G72B20SG\Downloads\ccsetup505.exe
2015-05-13 19:42 - 2015-05-23 08:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 19:42 - 2015-05-13 19:42 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-13 19:42 - 2015-05-13 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-13 19:41 - 2015-05-13 19:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-13 19:41 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-13 19:41 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-13 19:41 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-13 19:40 - 2015-05-13 19:41 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\G72B20SG\Downloads\mbam-setup-2.1.6.1022(1).exe
2015-05-06 08:32 - 2015-05-06 08:32 - 00000000 ____D () C:\Users\G72B20SG\Documents\FV2.3.7.2
2015-05-06 08:23 - 2014-11-16 03:21 - 06629376 _____ () C:\Users\G72B20SG\Desktop\FV2.3.7.2.EXE
2015-05-05 11:35 - 2015-05-05 11:35 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\G72B20SG\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-05 11:25 - 2015-05-05 11:25 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-G72B20SG-HP-Windows-7-Home-Premium-(64-bit).dat
2015-05-05 11:25 - 2015-05-05 11:25 - 00000000 ____D () C:\RegBackup
2015-05-05 11:24 - 2015-05-05 11:24 - 02716306 _____ (Thisisu) C:\Users\G72B20SG\Downloads\JRT.exe
2015-05-05 11:13 - 2015-05-05 11:13 - 02204160 _____ () C:\Users\G72B20SG\Downloads\adwcleaner_4.203.exe
2015-04-29 13:46 - 2015-04-29 13:47 - 00000000 ____D () C:\Users\G72B20SG\Desktop\Bewerbungskram Mona
2015-04-27 17:27 - 2015-04-27 17:27 - 00000000 ____D () C:\Users\G72B20SG\Tracing
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:08 - 2011-09-24 20:37 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Skype
2015-05-23 09:07 - 2010-12-24 17:09 - 01200241 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 09:02 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 09:02 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 08:56 - 2014-08-31 22:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-23 08:54 - 2012-05-08 00:20 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-23 08:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 08:50 - 2014-09-26 14:37 - 00000000 ____D () C:\AdwCleaner
2015-05-23 08:37 - 2012-05-08 14:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 08:28 - 2012-05-06 12:59 - 00000000 ____D () C:\Users\G72B20SG\AppData\Local\Apps\2.0
2015-05-22 10:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-22 10:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-21 04:54 - 2012-05-06 12:16 - 01610256 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-21 04:54 - 2010-07-17 20:47 - 00704972 _____ () C:\Windows\system32\perfh007.dat
2015-05-21 04:54 - 2010-07-17 20:47 - 00152520 _____ () C:\Windows\system32\perfc007.dat
2015-05-21 04:54 - 2009-07-14 07:13 - 01610256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 16:55 - 2014-12-20 14:23 - 00000000 ____D () C:\Program Files (x86)\MyRealGames.com
2015-05-20 16:52 - 2014-03-02 10:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-20 16:30 - 2010-12-24 17:30 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-20 16:30 - 2010-12-24 17:30 - 00000000 ____D () C:\Program Files (x86)\HP Games
2015-05-20 16:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-20 16:11 - 2012-05-08 14:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 16:11 - 2012-05-08 14:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 16:11 - 2011-09-25 20:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 16:00 - 2012-04-11 20:12 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\TeamViewer
2015-05-20 15:50 - 2009-07-14 06:45 - 00293096 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 15:48 - 2011-09-25 21:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-20 15:43 - 2014-09-01 01:33 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-20 15:41 - 2010-12-24 17:12 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-05-20 15:39 - 2009-09-07 03:57 - 00000000 ____D () C:\Windows\Panther
2015-05-20 15:02 - 2012-11-17 01:52 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Apple Computer
2015-05-20 14:29 - 2011-03-26 15:42 - 00070136 _____ () C:\Users\G72B20SG\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 08:13 - 2012-06-19 23:41 - 00000000 ____D () C:\Users\G72B20SG\AppData\Local\CrashDumps
2015-05-20 06:09 - 2014-01-03 00:03 - 00000000 ___RD () C:\Users\G72B20SG\Dropbox
2015-05-20 06:09 - 2014-01-02 12:15 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Dropbox
2015-05-19 20:00 - 2014-03-24 15:35 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-19 19:58 - 2014-03-24 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-19 19:58 - 2013-07-12 18:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-19 19:54 - 2013-11-16 17:12 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-05-19 19:41 - 2014-09-03 06:04 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-19 19:41 - 2014-09-03 06:04 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-19 19:41 - 2014-08-31 22:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-19 19:41 - 2014-08-31 22:22 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-19 19:41 - 2014-08-31 22:22 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-19 19:41 - 2014-08-31 22:22 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-19 19:41 - 2014-08-31 22:22 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-19 19:40 - 2014-08-31 22:22 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-19 19:40 - 2014-08-31 22:22 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-19 19:34 - 2014-01-03 00:03 - 00001029 _____ () C:\Users\G72B20SG\Desktop\Dropbox.lnk
2015-05-19 19:34 - 2014-01-02 22:15 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-19 11:59 - 2012-04-09 09:31 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-19 06:46 - 2011-09-25 20:15 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-18 08:27 - 2014-08-31 14:33 - 00000000 ____D () C:\Users\G72B20SG\AppData\Local\Adobe
2015-05-18 05:03 - 2014-07-26 22:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-13 20:33 - 2012-12-24 22:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-07 15:04 - 2014-05-23 18:37 - 00000000 ____D () C:\Users\G72B20SG\Desktop\Bami Goreng
2015-05-05 17:50 - 2014-08-31 22:04 - 00000000 ____D () C:\Users\G72B20SG\Desktop\Neuer Ordner (3)
2015-05-05 17:50 - 2013-04-27 14:08 - 00000000 ____D () C:\Users\G72B20SG\Desktop\Goldschrift HP
2015-05-03 21:37 - 2011-04-16 15:01 - 00000000 ____D () C:\ProgramData\Skype
2015-04-29 20:11 - 2012-05-06 12:17 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\SoftGrid Client
2015-04-29 13:44 - 2014-07-26 20:16 - 00000000 ____D () C:\Users\G72B20SG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-29 13:44 - 2014-07-26 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-29 13:44 - 2014-07-26 20:16 - 00000000 ____D () C:\Program Files\WinRAR
2015-04-27 17:27 - 2011-03-26 15:31 - 00000000 ____D () C:\Users\G72B20SG
==================== Files in the root of some directories =======
2014-04-01 22:10 - 2014-09-03 07:45 - 0007597 _____ () C:\Users\G72B20SG\AppData\Local\Resmon.ResmonCfg
2010-12-24 17:24 - 2010-12-24 17:24 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-07-17 13:16 - 2010-07-17 13:17 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-12-24 17:23 - 2010-12-24 17:23 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-07-17 13:12 - 2010-07-17 13:12 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-24 17:23 - 2010-12-24 17:23 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-12-24 17:24 - 2010-12-24 17:24 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-07-17 13:11 - 2010-07-17 13:11 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-17 13:13 - 2010-07-17 13:16 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-12-24 17:24 - 2010-12-24 17:24 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Some files in TEMP:
====================
C:\Users\G72B20SG\AppData\Local\Temp\Quarantine.exe
C:\Users\G72B20SG\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-26 19:44
==================== End of log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by G72B20SG at 2015-05-23 09:21:12
Running from C:\Users\G72B20SG\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2196551083-3368854960-1698058853-500 - Administrator - Disabled)
G72B20SG (S-1-5-21-2196551083-3368854960-1698058853-1000 - Administrator - Enabled) => C:\Users\G72B20SG
Gast (S-1-5-21-2196551083-3368854960-1698058853-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2196551083-3368854960-1698058853-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aqua Real 2 (HKLM-x32\...\{8DB9EA6D-2D56-4392-85D6-5272CD95610A}) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\f018cf21c0452c64) (Version: 2.2.1.0 - AVM Berlin)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.7.813 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0621.2137.36973 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
Desktop Lock 7.2 (HKLM-x32\...\Desktop Lock) (Version: 7.2 - TopLang Software)
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Dropbox (HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version: - SEIKO EPSON Corporation)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Free Audio Converter version 5.0.30.1029 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Earth (HKLM-x32\...\{C1940CF0-E2DD-11E0-BB25-B8AC6F97B88E}) (Version: 6.1.0.4738 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{E342EC6B-5F25-47FE-B92C-DE616149B430}) (Version: 4.0.9.0 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Internet Mobile (HKLM-x32\...\Internet Mobile) (Version: 11.302.09.01.162 - Huawei Technologies Co.,Ltd)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LG EV-DOM USB MODEM (HKLM-x32\...\{3314870F-4DEB-4E38-A9D8-B978945CEF01}) (Version: - )
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.02.705 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
Modem LG LDU-1900D (HKLM-x32\...\{43DB077F-C85F-42CC-8302-17CBEE4A6BC6}) (Version: 1.00.0000 - LG Electronics)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}) (Version: 0.7.7.813 - BlueStack Systems, Inc.)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
SAGEM F@st 800-840 (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: - )
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney 8.0 Commerzbank-Edition (HKLM-x32\...\{B7E7F5E6-1E8C-49B6-97C0-78B97393354C}) (Version: 8.0 - Star Finanz GmbH)
Steinberg My MP3 Player 3.0 (HKLM-x32\...\Install Steinberg My MP3 Player 3.0) (Version: - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRAR Archivierer (HKLM-x32\...\WinRAR archiver) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.2 - Abelssoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-22 10:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0521AFA3-C84C-46C6-8429-97B54D3D3365} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {081ABBF5-4939-4A21-99F5-E5FD7F790C1E} - \Driver Booster Scan No Task File <==== ATTENTION
Task: {0CA41649-B214-4948-8A98-346F9A489CE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {178D960A-DB9F-480C-A953-943C8F66EC1B} - System32\Tasks\{5EA07D89-2AF2-4A59-A011-21F4F5BFFBF0} => Iexplore.exe hxxp://ui.skype.com/ui/0/4.2.0.166.321/de/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {17D83456-00E5-46C3-B86C-4C181F8AC2B8} - \Driver Booster SkipUAC (G72B20SG) No Task File <==== ATTENTION
Task: {1801C26B-4F6A-4B87-855A-120933D97533} - \Driver Booster Update No Task File <==== ATTENTION
Task: {18CD99E0-3F5C-4AF6-BC9B-39088E6E6BD4} - System32\Tasks\{BE6E5F12-9217-452C-B412-0A9F566B6B1D} => C:\Program Files (x86)\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe [2008-10-12] (LG Electronics)
Task: {2625AB9A-C548-4FFB-B51B-CB4D0E515EF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {27FF9C15-22CB-4F85-AED5-8AE61AB80111} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {2D915D22-6721-4AAF-87B8-564B51B7865E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {357809EC-AF4F-46B9-9D0E-8E1302F7B0A1} - System32\Tasks\{13E02847-B25C-4C42-905C-BD2A34013731} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {3A3667EC-8D17-4D55-92A0-914A0C79AD5F} - System32\Tasks\Uninstaller_SkipUac_G72B20SG => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {48D91DD2-D8BC-4BB1-AC74-0BA701723C1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {69D74337-34E7-4375-936D-955B260A61D6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {6A426F70-0C95-4584-96E4-494770E70CBB} - \AdvancedDriverUpdaterRunAtStartup No Task File <==== ATTENTION
Task: {7E55CC6F-2879-416E-8B3D-81C2263643D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {8050E22F-F2E4-437F-8328-0B8DD886B1F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {8469BB48-9881-4FDF-BD1F-0C62396AB9B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-09-17] (Microsoft)
Task: {A19FDB59-1816-46A8-A3EA-14E29AEA3A22} - System32\Tasks\ASC8_SkipUac_G72B20SG => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-26] (IObit)
Task: {A26DBBAF-A69B-482F-A049-0BB23D5DED81} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-19] (Avast Software s.r.o.)
Task: {A9AC69D3-F3A9-4511-96B9-B1827583F871} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {B007DE4E-5438-4A93-A8BA-35A9EA2AF4E3} - System32\Tasks\{F8EAEDB7-1F49-4E2E-8350-73080FF1591E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158.321/en/abandoninstall?page=tsMain
Task: {B33DF8F2-E159-42F4-899E-1EA0986025D4} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {D38C3174-DD82-4D54-A9C0-D1B7E38019A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {D644C257-BB29-46E9-900C-D8F0348B95FE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2015-05-19 19:41 - 2015-05-19 19:41 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-19 19:41 - 2015-05-19 19:41 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-22 19:02 - 2015-05-22 19:02 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052201\algo.dll
2015-05-23 08:57 - 2015-05-23 08:57 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052300\algo.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 19:41 - 2015-05-19 19:41 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2196551083-3368854960-1698058853-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\G72B20SG\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.189.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EPSON SX210 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_SB6B3.tmp" /EF "HKCU"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: iFunBox Price Watch =>
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: REVAService => C:\Program Files (x86)\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1A3632C1-1AC5-4E3C-A754-3476162052E6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{1369409E-5BF5-47EE-BEE8-29B987AF2395}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{45EB6F37-1DB7-47F0-9AC3-EED0214AB618}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{17038D82-A4E3-4DA4-9907-E437D6658B87}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{DBD37166-9217-4738-A533-C658F131CA67}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{DCC5B6EF-E747-4B40-831B-851441356D0D}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{858FF62A-179E-49DF-98B6-1361A5F9D1E3}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{7DD107D4-5FAB-41EA-8BB2-FF019E6900CA}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 Commerzbank-Edition\app\StarMoney.exe
FirewallRules: [{3DC17A88-EBD0-47FE-9B00-8CBD043AC640}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 Commerzbank-Edition\app\StarMoney.exe
FirewallRules: [{E24D3E62-5E84-450E-A085-E5C2FFC16417}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{36CB00D7-72BF-4296-BE66-8B36CA26DA0F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52BD848F-683D-4DB5-B0B0-F87EE1D94B47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E36B4FB2-A886-4356-A386-9C61483CF845}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{819E600E-4179-49EA-9F82-22B0B60F7974}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{08175EF4-4F89-479F-BDD0-09E4E853C50B}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [UDP Query User{0D329690-F237-458C-8621-3C08C7CF489D}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [{582F0F8E-0887-42D7-A9B0-A4309B2EFC22}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{52B1DB90-2ED0-4D45-8BC3-8B15409FF3B2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBF67C25-11B5-474A-AAA6-7814B010860F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{89C1FF87-9B8B-4EBC-AF79-726052494313}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{52D77911-6414-42CB-A46D-49120093757E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7663AA1A-4FFF-4B64-9078-88BF9575605D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C1F2322-3413-4F10-819F-65F03DED23F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{A7CCBA2B-609B-4D25-BD54-FDC11D67138A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{C06C98AA-2D83-4747-9A4F-893653E6103E}] => (Allow) C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E21DAA93-189D-4DDB-8637-36E596AEE88C}] => (Allow) C:\Users\G72B20SG\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BB2D75E6-A846-4F10-B1F3-D0009EB21860}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7A17E091-BBB7-4E08-BEB7-87FD642C8C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E030550E-D56A-4537-BCE4-6511194DCFF3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0544245A-3153-45DA-9256-766C4A5947E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{984A8F73-DB77-48D8-B886-CF09FBE1DAD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2015 09:04:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (05/23/2015 09:04:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (05/23/2015 08:54:25 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/23/2015 07:36:48 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/22/2015 10:11:04 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig
Error: (05/22/2015 10:11:04 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11232
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11232
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/22/2015 09:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6786
System errors:
=============
Error: (05/23/2015 09:04:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RtVOsdService Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/23/2015 09:04:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/23/2015 09:04:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WTGService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StarMoney 8.0 OnlineUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/23/2015 09:04:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Service Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (05/23/2015 09:04:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (05/23/2015 09:04:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (05/23/2015 08:54:25 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/23/2015 07:36:48 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/22/2015 10:11:04 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig
Error: (05/22/2015 10:11:04 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11232
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11232
Error: (05/22/2015 09:49:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/22/2015 09:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6786
CodeIntegrity Errors:
===================================
Date: 2015-05-23 08:51:54.856
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-23 08:51:54.544
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-23 07:34:05.802
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-23 07:34:05.459
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 13:40:19.197
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 13:40:18.885
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 10:04:07.949
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 10:04:07.637
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 07:29:50.196
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-22 07:29:49.884
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\DeskLock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 45%
Total physical RAM: 3893.86 MB
Available physical RAM: 2103.76 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 5741.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:448.61 GB) (Free:327.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.86 GB) (Free:2.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 91CA769B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of log ============================ Kann sein das ich Pfingsten arbeiten muss. Morgen weiss ich noch nicht, Montag arbeite ich. Also nicht rausschmeissen, ja? |