| eckofresh | 22.06.2015 17:39 |
WIN 7: Malewarebytes lässt sich nicht mehr deinstallieren bzw updaten
Hallo!
Ich habe ein Problem mit Malewarebytes. Kann das Programm nicht mehr öffnen. Beim Versuch es zu deinstallieren kommt folgene Fehlermeldung: The setup files are corrupted. Please obtain a new copy of the program.
Habe Systemscan mit FRST gemacht.
Hier die LOG Datein
FRST Code:
^Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Florian (administrator) on FLORIAN-PC on 22-06-2015 18:12:39
Running from C:\Users\Florian\Downloads
Loaded Profiles: Florian (Available Profiles: Florian)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Search Protect) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [10551008 2015-06-17] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-804058063-1230525938-920028975-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-804058063-1230525938-920028975-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-804058063-1230525938-920028975-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-804058063-1230525938-920028975-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M591C04CE-C07F-48AB-AC85-940F648A0AB1&SearchSource=58&CUI=&UM=5&UP=&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-804058063-1230525938-920028975-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M591C04CE-C07F-48AB-AC85-940F648A0AB1&SearchSource=58&CUI=&UM=5&UP=&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-804058063-1230525938-920028975-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-01] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-05] (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M591C04CE-C07F-48AB-AC85-940F648A0AB1&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-25] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-01] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-01-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-804058063-1230525938-920028975-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Florian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-11-23] (Apple Inc.)
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default\searchplugins\avira-safesearch.xml [2014-04-24]
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default\searchplugins\trovi-search.xml [2014-11-15]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default\Extensions\2020Player_IKEA@2020Technologies.com [2011-10-08]
FF Extension: Avira Browser Safety - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default\Extensions\abs@avira.com [2015-05-28]
FF Extension: GreenWebPlayer - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\go5z5hzc.default\Extensions\greenwebplayer@greentube.com [2013-12-12]
FF HKU\S-1-5-21-804058063-1230525938-920028975-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-11] (Avira Operations GmbH & Co. KG)
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2013-04-10] (Protection Technology)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3056960 2014-11-10] (Search Protect)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432 2012-09-07] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [676936 2012-09-07] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3852976 2013-04-10] (Protection Technology)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-11] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-11] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-18] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-22 18:12 - 2015-06-22 18:12 - 02109952 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2015-06-22 18:11 - 2015-06-22 18:11 - 00000476 _____ C:\Users\Florian\Downloads\defogger_disable.log
2015-06-22 18:10 - 2015-06-22 18:10 - 00050477 _____ C:\Users\Florian\Downloads\Defogger(2).exe
2015-06-22 17:55 - 2015-06-22 17:55 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-19 18:40 - 2015-06-19 18:41 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 18:37 - 2015-06-19 18:37 - 00001205 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-06-19 18:36 - 2015-06-21 20:41 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000UA.job
2015-06-19 18:36 - 2015-06-19 18:41 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000Core.job
2015-06-19 18:36 - 2015-06-19 18:36 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000UA
2015-06-19 18:36 - 2015-06-19 18:36 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000Core
2015-06-19 18:36 - 2015-06-19 18:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Dropbox
2015-06-19 18:36 - 2015-06-19 18:36 - 00000000 ____D C:\ProgramData\Dropbox
2015-05-25 18:30 - 2015-06-22 17:52 - 00000000 ___RD C:\Users\Florian\Dropbox
2015-05-25 18:30 - 2015-05-25 18:30 - 00001137 _____ C:\Users\Florian\Desktop\Dropbox.lnk
2015-05-25 18:27 - 2015-06-22 17:52 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Dropbox
2015-05-25 18:26 - 2015-05-25 18:26 - 00356272 _____ (Dropbox, Inc.) C:\Users\Florian\Downloads\DropboxInstaller.exe
2015-05-23 13:21 - 2015-05-23 13:21 - 00000000 ____D C:\Users\Florian\Downloads\colgerman
2015-05-23 13:20 - 2015-05-23 13:20 - 00069051 _____ C:\Users\Florian\Downloads\colgerman.zip
2015-05-23 13:13 - 2015-05-23 13:13 - 00000000 ____D C:\Users\Florian\Documents\freecol
2015-05-23 13:09 - 2015-05-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCol
2015-05-23 13:07 - 2015-05-23 13:07 - 00000000 ____D C:\Program Files (x86)\freecol
2015-05-23 13:03 - 2015-05-23 13:03 - 01196832 _____ C:\Users\Florian\Downloads\FreeCol - CHIP-Installer.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-22 18:13 - 2014-04-26 21:01 - 00014933 _____ C:\Users\Florian\Downloads\FRST.txt
2015-06-22 18:12 - 2014-04-26 21:01 - 00000000 ____D C:\FRST
2015-06-22 18:12 - 2011-02-25 16:35 - 02022356 _____ C:\Windows\WindowsUpdate.log
2015-06-22 18:00 - 2011-02-25 18:14 - 00000000 ____D C:\Users\Florian\AppData\Roaming\DAEMON Tools Lite
2015-06-22 17:57 - 2012-04-10 22:02 - 00000000 ____D C:\Windows\pss
2015-06-22 17:56 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-22 17:56 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-22 17:51 - 2013-02-21 21:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-22 17:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-21 20:28 - 2013-02-21 21:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 19:48 - 2015-05-06 20:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-19 18:37 - 2014-04-26 08:29 - 00000000 ____D C:\Users\Florian\AppData\Local\AviraSpeedup
2015-06-19 18:37 - 2014-04-24 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-06-19 18:35 - 2014-04-24 19:56 - 00003320 _____ C:\Windows\System32\Tasks\AviraSpeedup
2015-06-12 21:44 - 2014-04-24 19:55 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-12 21:44 - 2012-08-12 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-12 21:44 - 2012-04-06 14:17 - 00000000 ____D C:\ProgramData\Avira
2015-06-12 21:44 - 2012-04-06 14:17 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-06 17:52 - 2015-05-20 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 17:52 - 2012-06-01 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-05 21:19 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-02 19:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-02 19:14 - 2015-05-01 10:26 - 00033280 _____ C:\Users\Florian\Desktop\Verbrauch.xls
2015-05-25 18:30 - 2011-02-25 16:51 - 00000000 ____D C:\Users\Florian
2015-05-23 13:29 - 2015-05-20 20:30 - 00000000 ____D C:\Users\Florian\Downloads\Colonization
2015-05-23 09:38 - 2014-11-05 22:05 - 00339060 _____ C:\Windows\SysWOW64\~.tmp
==================== Files in the root of some directories =======
2011-11-11 17:48 - 2011-12-10 13:44 - 0000188 _____ () C:\Users\Florian\AppData\Roaming\MSTEK.INI
2011-07-27 20:47 - 2011-07-27 20:47 - 0000058 _____ () C:\Users\Florian\AppData\Roaming\you.bmp
2012-03-26 20:02 - 2012-03-26 20:02 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqm7hp.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-17 19:53
==================== End of log ============================
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Florian at 2015-06-22 18:13:43
Running from C:\Users\Florian\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-804058063-1230525938-920028975-500 - Administrator - Disabled)
Florian (S-1-5-21-804058063-1230525938-920028975-1000 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-804058063-1230525938-920028975-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-804058063-1230525938-920028975-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.2500 - Avira)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.10.1246 - Avira Operations GmbH & Co. KG)
BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.40 - Research in Motion Ltd.)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.40 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series Benutzerregistrierung (HKLM-x32\...\Canon MP280 series Benutzerregistrierung) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cycling Manager (HKLM-x32\...\{D794BD18-511C-404A-8985-FDAB23AF4587}) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DDPB (HKLM-x32\...\{748590DB-44CD-48D2-8585-2496BBFE919F}) (Version: 1.0.9 - DauDen.vn)
Driver Mender (HKLM-x32\...\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}) (Version: 8.0.1 - Driver Mender)
Dropbox (HKU\S-1-5-21-804058063-1230525938-920028975-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
Free YouTube to Mp3 Converter version 3.1 (HKLM-x32\...\Free YouTube to Mp3 Converter_is1) (Version: - DVDVideoSoft Limited.)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version: - )
HappyFoto-Designer 5.1 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
HOFER Bestellsoftware 4.13.0 (HKLM-x32\...\HOFER Bestellsoftware) (Version: 4.13.0 - ORWO Net)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version: - Free Lunch Design)
INTERSPAR FOTOWELT (HKLM-x32\...\INTERSPAR FOTOWELT) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java(TM) 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
Malwarebytes Anti-Malware Version 1.65.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.0.1400 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Grafiktreiber 266.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.58 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OVplan 3.9.3 (HKLM-x32\...\OVplan) (Version: 3.9.3 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
PSTViewer Pro (HKLM\...\{67449D62-533A-4923-BB95-1182AF093F20}) (Version: 4.8.0.2666 - Encryptomatic, LLC)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.18.20.209 - Search Protect)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skigebiet Simulator 2012 (HKLM-x32\...\Skiworld Simulator 2012) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Star Wars(TM): Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Summer Athletics (HKLM-x32\...\Summer Athletics_is1) (Version: - dtp)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tour de France 2011 - Der offizielle Radsport-Manager Version 1 (HKLM-x32\...\Pro Cycling Manager 2011_is1) (Version: 1.0.4.4 - Cyanide)
VideoLAN VLC media player 0.8.5 (HKLM-x32\...\VLC media player) (Version: 0.8.5 - VideoLAN Team)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-804058063-1230525938-920028975-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-804058063-1230525938-920028975-1000_Classes\CLSID\{9C89EC5D-5EB9-4979-B8D8-65246DD24287}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
==================== Restore Points =========================
01-10-2014 08:18:28 Geplanter Prüfpunkt
02-10-2014 19:39:59 Avira System Speedup(1.3.1.9970)
16-10-2014 19:41:59 Geplanter Prüfpunkt
06-12-2014 20:34:55 Geplanter Prüfpunkt
15-12-2014 18:46:44 Avira System Speedup 1.5
31-12-2014 19:31:31 Geplanter Prüfpunkt
11-01-2015 21:35:45 Geplanter Prüfpunkt
30-01-2015 17:42:06 Avira System Speedup 1.6
10-02-2015 22:58:42 Avira System Speedup 1.6
23-02-2015 17:41:37 Geplanter Prüfpunkt
11-03-2015 20:21:29 Geplanter Prüfpunkt
15-04-2015 20:51:12 Geplanter Prüfpunkt
25-04-2015 10:13:15 Avira System Speedup 1.6.3
25-04-2015 21:29:12 Installiert Grand Theft Auto Vice City
17-05-2015 18:16:27 Avira System Speedup 1.6.5
05-06-2015 21:21:11 Avira System Speedup 1.6.7
19-06-2015 18:36:19 Avira System Speedup 1.6.10
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-04-27 09:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1F7B6D8B-8973-4DA1-8ADC-5BF2AF05BA86} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000Core => C:\Users\Florian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {2871A8A0-1108-40B8-9217-FB4ADFABEFA0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000Core => C:\Users\Florian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {2C48E022-C49A-4372-AAA2-4C1B8D376119} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000UA => C:\Users\Florian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {489AF374-4326-4320-AA27-C10F10454175} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {692583F2-167F-4B67-8814-CE4797397C51} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000UA => C:\Users\Florian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {71300E42-878C-4660-B4C5-C2078ACDFF18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {B56045D2-467C-4AD2-8BCE-2C650DEB3328} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-06-17] (Avira Operations GmbH & Co. KG)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000Core.job => C:\Users\Florian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-804058063-1230525938-920028975-1000UA.job => C:\Users\Florian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2011-03-21 21:14 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-08-29 19:09 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-03-26 17:57 - 2012-03-26 17:57 - 00034816 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-06-22 17:52 - 2015-06-22 17:52 - 00043008 _____ () c:\users\florian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqm7hp.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-05-25 18:28 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:BB24555F
AlternateDataStreams: C:\ProgramData\TEMP:D4A168E0
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-804058063-1230525938-920028975-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Florian\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AviraSpeedup => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Florian\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\Florian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Speedup_umh => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A0D75E73-D670-4D30-ABF6-D3651CD55520}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
FirewallRules: [UDP Query User{D051B869-0C9D-45BA-A108-162327240C17}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
FirewallRules: [TCP Query User{7C487AC3-4A05-42B2-8AC4-2540571655DE}C:\cyanide\cyclingmanager\cyclingmanager.exe] => (Block) C:\cyanide\cyclingmanager\cyclingmanager.exe
FirewallRules: [UDP Query User{F75A66F6-0615-4B05-982B-6C70851DD21E}C:\cyanide\cyclingmanager\cyclingmanager.exe] => (Block) C:\cyanide\cyclingmanager\cyclingmanager.exe
FirewallRules: [TCP Query User{B1F66233-BCD3-4C81-9FA8-6427CEB434A4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{68308071-27C4-4D98-8177-3DB2A4444029}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{58C8B7B0-B7F3-4A9F-94E4-5825398DA02D}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{83F85FD2-88E1-468A-85B7-C71AB170A6D6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{7A785022-A222-40DE-B28D-BEE2E48A0688}] => (Allow) C:\Program Files (x86)\Skiworld Simulator 2012\iupdate.dll
FirewallRules: [{EF6BF74A-B6B6-4E24-A058-3BC6B068E1E6}] => (Allow) C:\Program Files (x86)\Skiworld Simulator 2012\iupdate.dll
FirewallRules: [{C5C5DEE0-7C08-43B9-8A0B-3837F5856CA3}] => (Allow) C:\Program Files (x86)\Skiworld Simulator 2012\skiresort2012.dll
FirewallRules: [{83113A6E-7A5F-47B3-9C02-EC80610394AB}] => (Allow) C:\Program Files (x86)\Skiworld Simulator 2012\skiresort2012.dll
FirewallRules: [{42AC2FC1-3819-4FD8-B7B2-35E21767C5B8}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{07AD435B-52D8-40DB-A897-B08BABA98F1D}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{41A678B1-8D52-49B3-9C84-8902A995214A}C:\program files (x86)\oldgames\jazz jackrabbit\c\jazz\openjazz.exe] => (Block) C:\program files (x86)\oldgames\jazz jackrabbit\c\jazz\openjazz.exe
FirewallRules: [UDP Query User{7A90ECE6-5132-433C-9FCD-0F934B30C036}C:\program files (x86)\oldgames\jazz jackrabbit\c\jazz\openjazz.exe] => (Block) C:\program files (x86)\oldgames\jazz jackrabbit\c\jazz\openjazz.exe
FirewallRules: [{35D0C55A-36CD-4CEB-A86B-D8615F8E5976}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3947F608-24D2-48F4-A692-6EFFF27EA230}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1318705-98F4-43D4-94FF-85F36A918DF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{62844D21-980F-4502-89B5-C2A69F68C3A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F309B89E-0632-4A4E-A39F-690EA6D3A5F4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{43AB04AF-002A-45D8-8974-B8252F92E9C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB0EA5FA-52AB-4815-89B0-9230F59A8EA7}] => (Allow) C:\Users\Florian\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{69CC65D5-7E55-42F4-B0FB-18C4193981DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C789E960-9692-49C8-A0E6-6417275F2874}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4C20733A-54F4-4BFD-8397-6778A4A93178}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9089DEA8-DD92-4B84-B0F3-B22F8DEE4BCF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FED8EB3F-9D20-432F-BA39-64309087F37F}] => (Allow) LPort=5354
FirewallRules: [{DACEFA73-95FC-4A88-8B46-FF9187BE0F1A}] => (Allow) LPort=5354
FirewallRules: [{DF59F0EB-12BA-4DD0-93D4-BE26187C8373}] => (Allow) LPort=5354
FirewallRules: [{8878BABA-AEC0-4557-AB95-C0F94D6D2779}] => (Allow) LPort=5354
FirewallRules: [{69A4B59C-C8A7-4718-A3FE-81D5D6C2B1C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19EDFE17-1280-44B8-8187-62F4CA7F8247}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{63E59A93-2174-46C3-9FB3-67611BC017A1}] => (Allow) C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DAD00BF7-D3FA-4959-A73F-026C66DB1FBB}] => (Allow) C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1ADD3599-311A-45CA-B1A2-641E2346A80D}C:\users\florian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\florian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{70CFE463-CF39-48A2-BCE8-5E1ED4C3C6A4}C:\users\florian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\florian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9EF0D0EC-9E95-4839-B8CF-1E2D44EEEC7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: A309
Description: A309
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 332797
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 332797
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23493
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23493
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22355
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22355
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21294
System errors:
=============
Error: (06/22/2015 05:51:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (06/22/2015 05:51:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/22/2015 05:51:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit Scanner erreicht.
Error: (06/22/2015 05:51:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/22/2015 05:51:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.
Error: (06/22/2015 05:50:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/21/2015 07:24:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (06/21/2015 07:24:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/21/2015 07:24:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit Scanner erreicht.
Error: (06/21/2015 07:24:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office:
=========================
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 332797
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 332797
Error: (06/18/2015 06:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23493
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23493
Error: (06/18/2015 06:09:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22355
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22355
Error: (06/18/2015 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 06:09:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21294
CodeIntegrity Errors:
===================================
Date: 2014-04-27 09:43:30.452
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-27 09:43:30.444
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-24 18:49:04.500
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:49:04.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:49:04.469
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:49:00.616
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:49:00.600
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:49:00.600
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:48:58.900
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-24 18:48:58.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 4090.93 MB
Available physical RAM: 2546.94 MB
Total Pagefile: 8180.01 MB
Available Pagefile: 6319.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:285.32 GB) (Free:5.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:298.09 GB) (Free:268.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 61476EFC)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=285.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 00D44732)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of log ============================
Bei GMER und Defogger habe ich keine LOGS rausbekommen.
Ich hoffe Ihr könnt mir da helfen!
Lg, flo |
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
.