pfaumanfred | 04.08.2014 18:59 | Code:
https://www.virustotal.com/de/file/00b6f52f56a3486813dbda0bea459dad820e14d1f30be3d8fe4a880b3b4ddaf3/analysis/1407172619/ Code:
# AdwCleaner v1.606 - Logfile created 08/04/2014 at 19:21:27
# Updated 10/05/2012 by Xplode
# Operating system : Windows 8.1 Pro (32 bits)
# User : Manfred - MANFREDPC
# Running from : C:\Users\Manfred\Desktop\adwcleaner-1.606-en(1).exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\Manfred\AppData\Local\Temp\APN
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.11.9600.17207
[OK] Registry is clean.
-\\ Mozilla Firefox v31.0 (x86 de)
Profile name : default
File : C:\Users\Manfred\AppData\Roaming\Mozilla\Firefox\Profiles\p8z37soi.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1040 octets] - [01/08/2014 15:23:51]
AdwCleaner[S1].txt - [1207 octets] - [01/08/2014 15:24:45]
AdwCleaner[R2].txt - [1125 octets] - [03/08/2014 16:12:49]
AdwCleaner[S2].txt - [1190 octets] - [03/08/2014 16:13:12]
AdwCleaner[R3].txt - [1249 octets] - [04/08/2014 19:21:16]
AdwCleaner[S3].txt - [1184 octets] - [04/08/2014 19:21:27]
########## EOF - C:\AdwCleaner[S3].txt - [1312 octets] ########## Code:
https://www.virustotal.com/de/file/2d507301cace54122338d38256ef01a961a6d47a98a3d8df20ba7b3016a83eb2/analysis/1407173689/ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 04.08.2014
Suchlauf-Zeit: 19:26:18
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.04.05
Rootkit Datenbank: v2014.08.01.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x86
Dateisystem: NTFS
Benutzer: Manfred
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 296233
Verstrichene Zeit: 13 Min, 23 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 4
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [ccc9ccf67b007cba78fc9f38639f2dd3],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-2440249-1944230807-1698688370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, Löschen bei Neustart, [d0c50eb4a5d69f974b6c0612f4108b75],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-2440249-1944230807-1698688370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, Löschen bei Neustart, [5c39536f3c3f082e8831c25628dc956b],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-2440249-1944230807-1698688370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Löschen bei Neustart, [4c49bc06017a310585ee7d5afb0739c7],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 7
PUP.Optional.SystemSpeedup, C:\Users\Manfred\AppData\Roaming\Systweak\ssd, In Quarantäne, [97fe03bfb9c214227cf610b7a85ab848],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\2.1.1000.13665, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector\2.1.1000.13665, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
Dateien: 22
PUP.Optional.AppInstaller, C:\Users\Manfred\AppData\Local\Temp\n3795\FLVMPlayerSetup-c45490cb.exe, In Quarantäne, [781d6062691260d6a0a35d2de51c13ed],
PUP.Optional.SystemSpeedup, C:\Users\Manfred\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, In Quarantäne, [97fe03bfb9c214227cf610b7a85ab848],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\status.lic, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\completedatabase.db, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Cookies.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\DigSign.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FilePathFIX.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FilePaths.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FileSignature.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Folders.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Md5.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Registry.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\SetupSign.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\StrSetupSign.bin, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\100oupdate.zip, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1835completedatabase.zip, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1905mupdate.zip, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1906update.zip, In Quarantäne, [4e479d255a2153e329f814b913ef50b0],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector\QDetail.db, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector\Settings.db, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector\Update.ini, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Manfred\AppData\Roaming\Systweak\Advanced-System-Protector\2.1.1000.13665\ASPLog.txt, In Quarantäne, [2372b80aa1dabe788998daf3d13139c7],
Physische Sektoren: 0
(No malicious items detected)
(end)
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Manfred (administrator) on MANFREDPC on 04-08-2014 19:49:03
Running from C:\Users\Manfred\Downloads
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Systweak) C:\Program Files\Right Backup\RBClientService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Systweak) C:\Program Files\Right Backup\RightBackup.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Trioris LLC) C:\Users\Manfred\AppData\Local\IScreeny\IScreeny.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(IScreenyHelper) C:\Users\Manfred\AppData\Local\IScreeny\IScreenyHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-2440249-1944230807-1698688370-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2440249-1944230807-1698688370-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2440249-1944230807-1698688370-1001\...\Run: [IScreeny] => C:\Users\Manfred\AppData\Local\IScreeny\IScreeny.exe [1170888 2014-06-20] (Trioris LLC)
HKU\S-1-5-21-2440249-1944230807-1698688370-1001\...\Run: [IScreenyUpdater] => C:\Users\Manfred\AppData\Local\IScreeny\Updater.exe [163784 2014-06-20] (TRIORIS LLC)
HKU\S-1-5-21-2440249-1944230807-1698688370-1001\...\Run: [Optimizer Pro] => C:\Program Files\Optimizer Pro\OptProLauncher.exe [146888 2014-07-29] (PC Utilities Software Limited)
IFEO\effectextractor.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\omnipage.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\power2go.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\scannerwizard.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\youcam.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Manfred\AppData\Roaming\Mozilla\Firefox\Profiles\p8z37soi.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\Manfred\AppData\Roaming\Mozilla\Firefox\Profiles\p8z37soi.default\Extensions\toolbar@web.de [2014-07-12]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Manfred\AppData\Roaming\Mozilla\Firefox\Profiles\p8z37soi.default\Extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi [2013-12-20]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1030224 2014-07-26] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)
R2 ca82e1a5; c:\Program Files\Optimizer Pro\OptProCrash.dll [3475912 2014-08-01] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RBClientService; C:\Program Files\Right Backup\RBClientService.exe [48240 2014-07-11] (Systweak)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-06-29] () [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2014-07-16] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-06-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-06-22] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-06-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37352 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [35848 2014-07-26] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 iscreenyfilter; C:\WINDOWS\iscreenyfilter.sys [41632 2014-06-25] (NetFilterSDK.com)
R3 L1C; C:\WINDOWS\system32\DRIVERS\L1C63x86.sys [110792 2013-06-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-06-22] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-06-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-04 19:45 - 2014-08-04 19:45 - 00006582 _____ () C:\Users\Manfred\Desktop\mbam.txt
2014-08-04 19:32 - 2014-08-04 19:32 - 01361309 _____ () C:\Users\Manfred\Downloads\adwcleaner_3.302.exe
2014-08-04 19:25 - 2014-08-04 19:25 - 00001880 _____ () C:\Program Files\Right Backupsmartbackuprules.xmluzvf2qat.d4r.xml_
2014-08-04 19:25 - 2014-08-04 19:25 - 00000000 ____D () C:\Program Files\Right Backup
2014-08-04 19:21 - 2014-08-04 19:21 - 00001313 _____ () C:\AdwCleaner[S3].txt
2014-08-04 19:21 - 2014-08-04 19:21 - 00001249 _____ () C:\AdwCleaner[R3].txt
2014-08-04 19:20 - 2014-08-04 19:25 - 00001020 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-08-04 19:20 - 2014-08-04 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-08-04 19:20 - 2014-08-04 19:20 - 00581957 _____ () C:\Users\Manfred\Desktop\adwcleaner-1.606-en(1).exe
2014-08-04 19:20 - 2014-08-04 19:20 - 00000000 ____D () C:\rbtemp
2014-08-03 16:13 - 2014-08-03 16:13 - 00001190 _____ () C:\AdwCleaner[S2].txt
2014-08-03 16:12 - 2014-08-03 16:12 - 00001125 _____ () C:\AdwCleaner[R2].txt
2014-08-02 15:58 - 2014-08-04 19:49 - 00011425 _____ () C:\Users\Manfred\Downloads\FRST.txt
2014-08-02 15:58 - 2014-08-04 10:59 - 00031427 _____ () C:\Users\Manfred\Downloads\Addition.txt
2014-08-02 15:57 - 2014-08-04 19:49 - 00000000 ____D () C:\FRST
2014-08-02 15:56 - 2014-08-02 15:56 - 01084928 _____ (Farbar) C:\Users\Manfred\Downloads\FRST.exe
2014-08-02 13:16 - 2014-08-02 16:17 - 00000000 ____D () C:\Users\Manfred\Documents\Male-Ware
2014-08-01 15:24 - 2014-08-01 15:24 - 00001207 _____ () C:\AdwCleaner[S1].txt
2014-08-01 15:23 - 2014-08-01 15:23 - 00001040 _____ () C:\AdwCleaner[R1].txt
2014-08-01 14:37 - 2014-08-01 14:37 - 00000000 ____D () C:\Users\Manfred\Documents\Optimizer Pro
2014-08-01 14:37 - 2014-08-01 14:37 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Optimizer Pro
2014-08-01 14:31 - 2014-08-04 19:44 - 00000000 ____D () C:\Users\Manfred\AppData\Local\IScreeny
2014-08-01 14:31 - 2014-08-04 19:40 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Systweak
2014-08-01 14:31 - 2014-08-04 19:40 - 00000000 ____D () C:\ProgramData\Systweak
2014-08-01 14:31 - 2014-08-04 19:20 - 00001034 _____ () C:\Users\Manfred\Desktop\FLVM Player.lnk
2014-08-01 14:31 - 2014-08-01 15:27 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-08-01 14:31 - 2014-08-01 14:31 - 00581957 _____ () C:\Users\Manfred\Desktop\adwcleaner-1.606-en.exe
2014-08-01 14:31 - 2014-08-01 14:31 - 00001032 _____ () C:\Users\Manfred\Desktop\Optimizer Pro.lnk
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\VOPackage
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IScreeny
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Program Files\FLVM Player
2014-08-01 14:31 - 2014-06-30 17:55 - 00018792 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe
2014-08-01 14:28 - 2014-08-01 14:28 - 00648896 _____ (Bechiro-Installer · sl) C:\Users\Manfred\Downloads\AdwCleaner.exe
2014-08-01 14:27 - 2014-08-04 19:43 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 14:26 - 2014-08-01 14:26 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-01 14:26 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-01 14:26 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-01 14:26 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-01 14:20 - 2014-08-01 14:20 - 00700980 _____ () C:\Users\Manfred\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-08-01 14:19 - 2014-08-01 14:19 - 00538220 _____ () C:\Users\Manfred\Downloads\noscript-2.6.8.36.xpi.zip
2014-08-01 14:18 - 2014-08-01 14:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manfred\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-08-01 14:17 - 2014-08-01 14:17 - 05329480 _____ (Secunia) C:\Users\Manfred\Downloads\PSISetup_3.0.0.9016.exe
2014-08-01 14:11 - 2014-08-01 14:11 - 00001114 _____ () C:\DelFix.txt
2014-08-01 14:11 - 2014-08-01 14:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-31 21:28 - 2014-07-31 21:28 - 00009457 _____ () C:\Users\Manfred\Downloads\Eset.txt
2014-07-31 12:20 - 2014-07-31 12:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-31 12:19 - 2014-07-31 12:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manfred\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-31 12:14 - 2014-08-04 19:42 - 00030228 _____ () C:\WINDOWS\PFRO.log
2014-07-30 12:02 - 2014-07-30 12:02 - 00000187 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-29 14:14 - 2014-07-29 14:14 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-29 14:14 - 2014-07-29 14:14 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-29 14:14 - 2014-07-29 14:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-28 11:37 - 2014-07-28 11:38 - 32047680 _____ () C:\Users\Manfred\Downloads\Firefox_Setup_de31.0.exe
2014-07-15 10:12 - 2014-07-15 10:12 - 00000000 ____D () C:\Users\Manfred\AppData\Local\Adobe
2014-07-12 12:34 - 2014-07-12 12:34 - 00093529 _____ () C:\Users\Manfred\Desktop\HP Installationsfehler beheben – Netzwerk.hta
2014-07-12 11:48 - 2014-07-12 11:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 11:46 - 2014-04-14 04:37 - 00865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-12 11:45 - 2014-07-12 11:45 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-12 06:55 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-12 06:54 - 2014-07-01 00:46 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-12 06:54 - 2014-06-28 08:57 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-12 06:54 - 2014-06-28 08:27 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-12 06:54 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-12 06:54 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-12 06:54 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-12 06:54 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-12 06:54 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-12 06:54 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-12 06:54 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-12 06:54 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-12 06:54 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-12 06:54 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-12 06:54 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-12 06:54 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-12 06:54 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-12 06:54 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-12 06:54 - 2014-06-06 15:20 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-12 06:54 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-12 06:54 - 2014-05-31 10:38 - 00049552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-12 06:54 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-12 06:54 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 06:54 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-12 06:54 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-12 06:54 - 2014-05-31 04:39 - 02818048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-12 06:54 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-12 06:54 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-12 06:54 - 2014-05-30 05:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-12 06:54 - 2014-05-29 11:30 - 00481400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-12 06:54 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-12 06:54 - 2014-05-29 06:38 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 10:59 - 2014-07-09 10:59 - 00000000 __SHD () C:\Users\Manfred\AppData\Local\EmieUserList
2014-07-09 10:59 - 2014-07-09 10:59 - 00000000 __SHD () C:\Users\Manfred\AppData\Local\EmieSiteList
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-04 19:49 - 2014-08-02 15:58 - 00011425 _____ () C:\Users\Manfred\Downloads\FRST.txt
2014-08-04 19:49 - 2014-08-02 15:57 - 00000000 ____D () C:\FRST
2014-08-04 19:45 - 2014-08-04 19:45 - 00006582 _____ () C:\Users\Manfred\Desktop\mbam.txt
2014-08-04 19:44 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Local\IScreeny
2014-08-04 19:44 - 2014-06-23 09:03 - 00000000 __RDO () C:\Users\Manfred\OneDrive
2014-08-04 19:43 - 2014-08-01 14:27 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-04 19:42 - 2014-07-31 12:14 - 00030228 _____ () C:\WINDOWS\PFRO.log
2014-08-04 19:42 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 19:42 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-04 19:40 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Systweak
2014-08-04 19:40 - 2014-08-01 14:31 - 00000000 ____D () C:\ProgramData\Systweak
2014-08-04 19:36 - 2014-06-22 15:30 - 01385383 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-04 19:36 - 2013-03-25 10:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-04 19:32 - 2014-08-04 19:32 - 01361309 _____ () C:\Users\Manfred\Downloads\adwcleaner_3.302.exe
2014-08-04 19:31 - 2014-05-06 12:29 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\HpUpdate
2014-08-04 19:25 - 2014-08-04 19:25 - 00001880 _____ () C:\Program Files\Right Backupsmartbackuprules.xmluzvf2qat.d4r.xml_
2014-08-04 19:25 - 2014-08-04 19:25 - 00000000 ____D () C:\Program Files\Right Backup
2014-08-04 19:25 - 2014-08-04 19:20 - 00001020 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-08-04 19:25 - 2014-08-04 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-08-04 19:21 - 2014-08-04 19:21 - 00001313 _____ () C:\AdwCleaner[S3].txt
2014-08-04 19:21 - 2014-08-04 19:21 - 00001249 _____ () C:\AdwCleaner[R3].txt
2014-08-04 19:20 - 2014-08-04 19:20 - 00581957 _____ () C:\Users\Manfred\Desktop\adwcleaner-1.606-en(1).exe
2014-08-04 19:20 - 2014-08-04 19:20 - 00000000 ____D () C:\rbtemp
2014-08-04 19:20 - 2014-08-01 14:31 - 00001034 _____ () C:\Users\Manfred\Desktop\FLVM Player.lnk
2014-08-04 19:13 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-04 11:07 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-04 10:59 - 2014-08-02 15:58 - 00031427 _____ () C:\Users\Manfred\Downloads\Addition.txt
2014-08-03 16:14 - 2014-06-22 16:05 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-03 16:13 - 2014-08-03 16:13 - 00001190 _____ () C:\AdwCleaner[S2].txt
2014-08-03 16:12 - 2014-08-03 16:12 - 00001125 _____ () C:\AdwCleaner[R2].txt
2014-08-02 16:17 - 2014-08-02 13:16 - 00000000 ____D () C:\Users\Manfred\Documents\Male-Ware
2014-08-02 15:56 - 2014-08-02 15:56 - 01084928 _____ (Farbar) C:\Users\Manfred\Downloads\FRST.exe
2014-08-01 15:27 - 2014-08-01 14:31 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-08-01 15:24 - 2014-08-01 15:24 - 00001207 _____ () C:\AdwCleaner[S1].txt
2014-08-01 15:23 - 2014-08-01 15:23 - 00001040 _____ () C:\AdwCleaner[R1].txt
2014-08-01 14:37 - 2014-08-01 14:37 - 00000000 ____D () C:\Users\Manfred\Documents\Optimizer Pro
2014-08-01 14:37 - 2014-08-01 14:37 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Optimizer Pro
2014-08-01 14:31 - 2014-08-01 14:31 - 00581957 _____ () C:\Users\Manfred\Desktop\adwcleaner-1.606-en.exe
2014-08-01 14:31 - 2014-08-01 14:31 - 00001032 _____ () C:\Users\Manfred\Desktop\Optimizer Pro.lnk
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\VOPackage
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IScreeny
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-01 14:31 - 2014-08-01 14:31 - 00000000 ____D () C:\Program Files\FLVM Player
2014-08-01 14:28 - 2014-08-01 14:28 - 00648896 _____ (Bechiro-Installer · sl) C:\Users\Manfred\Downloads\AdwCleaner.exe
2014-08-01 14:26 - 2014-08-01 14:26 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-01 14:20 - 2014-08-01 14:20 - 00700980 _____ () C:\Users\Manfred\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-08-01 14:19 - 2014-08-01 14:19 - 00538220 _____ () C:\Users\Manfred\Downloads\noscript-2.6.8.36.xpi.zip
2014-08-01 14:18 - 2014-08-01 14:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manfred\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-08-01 14:17 - 2014-08-01 14:17 - 05329480 _____ (Secunia) C:\Users\Manfred\Downloads\PSISetup_3.0.0.9016.exe
2014-08-01 14:13 - 2013-08-22 08:13 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-01 14:11 - 2014-08-01 14:11 - 00001114 _____ () C:\DelFix.txt
2014-08-01 14:11 - 2014-08-01 14:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-01 14:02 - 2013-11-15 12:12 - 00000000 ____D () C:\Users\Manfred\Downloads\bis November 2013
2014-07-31 21:28 - 2014-07-31 21:28 - 00009457 _____ () C:\Users\Manfred\Downloads\Eset.txt
2014-07-31 12:35 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\IME
2014-07-31 12:20 - 2014-07-31 12:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-31 12:19 - 2014-07-31 12:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manfred\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-31 12:14 - 2014-01-26 12:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-31 11:47 - 2012-07-26 06:17 - 00000269 _____ () C:\WINDOWS\win.ini
2014-07-31 10:52 - 2014-01-26 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-30 12:02 - 2014-07-30 12:02 - 00000187 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-29 14:14 - 2014-07-29 14:14 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-29 14:14 - 2014-07-29 14:14 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-29 14:14 - 2014-07-29 14:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-29 14:14 - 2014-06-19 10:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-28 11:38 - 2014-07-28 11:37 - 32047680 _____ () C:\Users\Manfred\Downloads\Firefox_Setup_de31.0.exe
2014-07-26 11:52 - 2013-09-07 12:41 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-07-26 11:21 - 2013-05-10 08:50 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-16 10:24 - 2013-09-10 17:30 - 00036152 _____ (TuneUp Software) C:\WINDOWS\system32\uxtuneup.dll
2014-07-16 10:24 - 2013-09-07 12:42 - 00036664 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-07-16 10:24 - 2013-09-07 12:42 - 00025400 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-07-15 10:12 - 2014-07-15 10:12 - 00000000 ____D () C:\Users\Manfred\AppData\Local\Adobe
2014-07-15 06:45 - 2013-03-25 18:15 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-13 09:01 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-13 08:59 - 2013-08-22 08:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-13 08:43 - 2014-03-18 10:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-13 08:37 - 2013-08-22 09:22 - 00485264 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 12:45 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-12 12:45 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 12:45 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 12:45 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-12 12:45 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-07-12 12:34 - 2014-07-12 12:34 - 00093529 _____ () C:\Users\Manfred\Desktop\HP Installationsfehler beheben – Netzwerk.hta
2014-07-12 12:34 - 2014-05-06 12:28 - 00000000 ____D () C:\Program Files\HP
2014-07-12 12:33 - 2013-01-22 09:36 - 00000000 ____D () C:\Users\Manfred\Documents\Beihilfe
2014-07-12 11:51 - 2012-07-26 08:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-12 11:50 - 2013-03-25 18:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 11:48 - 2014-07-12 11:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 11:48 - 2013-08-17 13:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-12 11:47 - 2013-03-27 17:25 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-12 11:46 - 2014-03-18 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 11:45 - 2014-07-12 11:45 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 10:59 - 2014-07-09 10:59 - 00000000 __SHD () C:\Users\Manfred\AppData\Local\EmieUserList
2014-07-09 10:59 - 2014-07-09 10:59 - 00000000 __SHD () C:\Users\Manfred\AppData\Local\EmieSiteList
Some content of TEMP:
====================
C:\Users\Manfred\AppData\Local\Temp\avgnt.exe
C:\Users\Manfred\AppData\Local\Temp\optprosetup.exe
C:\Users\Manfred\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-04 11:07
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by Manfred at 2014-08-04 19:49:53
Running from C:\Users\Manfred\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Ashampoo Burning Studio (HKLM\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-4300-A758B70C0F01}) (Version: 12.15.1.462 - APN, LLC)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Content Manager 2 (HKLM\...\Content Manager 2) (Version: 3.10.0.52790 - NNG Llc.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.2602 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink MediaShow (Version: 5.0.1410a - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.5.1412_24021 - CyberLink Corp.)
CyberLink MediaShow Espresso (Version: 5.5.1412_24021 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2718 - CyberLink Corp.)
CyberLink PowerDirector (Version: 8.0.2718 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2925.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (Version: 9.0.2925.52 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2326 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.2.2326 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2626 - CyberLink Corp.)
CyberLink YouCam (Version: 3.0.2626 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
FLV Player (remove only) (HKLM\...\FLVM Player) (Version: - )
Free Audio Converter version 5.0.23.320 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 7.2 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{8A7CB3D4-0C49-4A19-8504-CF250CE1F5E8}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IScreeny (HKLM\...\IScreeny) (Version: - )
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1505 - CyberLink Corp.)
Medion Home Cinema (Version: 8.0.1505 - CyberLink Corp.) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbwe (x86) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
Right Backup (HKLM\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
ScanSoft OmniPage SE 4.0 (HKLM\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.07.73 - Akademische Arbeitsgemeinschaft)
Studie zur Verbesserung von HP Deskjet 2540 series (HKLM\...\{FC16C025-71D3-430F-BE61-B7E713E5B582}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.340 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
WEB.DE Club SmartFax (HKLM\...\WEB.DE Club SmartFax) (Version: 2.00.235 - 1&1 Mail & Media GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2440249-1944230807-1698688370-1001_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2440249-1944230807-1698688370-1001_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
==================== Restore Points =========================
01-08-2014 12:11:25 Ende der Bereinigung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0064A4EB-6388-4C48-81C6-99746DEA4A8E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {01BCC00A-C6A8-474C-BA2D-3076F3CE544D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {02B97B27-29F3-4F0D-B9D9-1A218C58AD6F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {03DE1924-3FE1-4D64-9AFA-83BE2B67843E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {03F00483-DFF0-469F-88A0-E7C9E3D9F4A7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {2E5E8DAF-5F7B-4DD0-B6D9-6154B1A6CA1D} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {678555FD-A992-4622-BCCB-A89F836C2CAE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {6F1AFD8C-CB70-41E7-80F0-01A59B7CD6FE} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files\Optimizer Pro\OptProLauncher.exe [2014-07-29] (PC Utilities Software Limited) <==== ATTENTION
Task: {7276DEEA-6ED2-4091-AF19-079E9B8C56C7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {7CCE08F4-EC9E-4612-99CC-D857CD214A0A} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28] (Nuance Communications, Inc.)
Task: {878152FD-CF01-4496-B6A4-307C86FA8CE0} - System32\Tasks\Right Backup_startup => C:\Program Files\Right Backup\RightBackup.exe [2014-07-11] (Systweak)
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B6DFC327-E4D4-468C-A071-D458EC30ADBF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {D0D89717-A835-4D84-B01D-033DAF3717CB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-12] (Microsoft Corporation)
Task: {D6A010E0-28C2-4360-B06D-6DB72C548BFD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {E6A82C08-8490-4083-9271-DEB458C010CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {EF3CB7C8-BE78-4F7D-90D1-123882E38108} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-01 14:37 - 2014-08-01 14:37 - 03475912 _____ () c:\Program Files\Optimizer Pro\OptProCrash.dll
2014-08-04 19:25 - 2013-08-02 19:21 - 00886272 _____ () C:\Program Files\Right Backup\System.Data.SQLite.dll
2013-04-06 12:24 - 2010-06-29 23:14 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-07-16 10:24 - 2014-07-16 10:24 - 00585528 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2014-06-04 08:54 - 2014-06-04 08:54 - 00109000 _____ () C:\Users\Manfred\AppData\Local\IScreeny\nfapi.dll
2014-06-04 08:54 - 2014-06-04 08:54 - 00334280 _____ () C:\Users\Manfred\AppData\Local\IScreeny\ProtocolFilters.dll
2014-07-29 14:14 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Manfred\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run: => "OpwareSE4"
HKLM\...\StartupApproved\Run: => "CLMLServer"
HKLM\...\StartupApproved\Run: => "YouCam Mirror Tray icon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "HP Software Update"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/04/2014 07:20:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f4090df
ID des fehlerhaften Prozesses: 0x82c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5
Error: (08/04/2014 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x020f4fa0
ID des fehlerhaften Prozesses: 0x82c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5
Error: (08/04/2014 11:10:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/03/2014 04:15:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17039 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 8a0
Startzeit: 01cfaf2547606c8c
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: 9a8476be-1b18-11e4-afca-00262dc0dc29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10806110
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10806110
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 33167515
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 33167515
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (08/04/2014 07:25:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RBClientService" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2014 07:24:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RBClientService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2014 07:21:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RBClientService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2014 07:21:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2014 07:21:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2014 07:21:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2014 07:21:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2014 07:21:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2014 07:21:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2014 07:21:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Optimizer Pro Crash Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (08/04/2014 07:20:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c00000056f4090df82c01cfb0085aaca9d4C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exeunknown9a3159b0-1bfb-11e4-afca-00262dc0dc29
Error: (08/04/2014 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c00001a5020f4fa082c01cfb0085aaca9d4C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exeunknown98d06ca3-1bfb-11e4-afca-00262dc0dc29
Error: (08/04/2014 11:10:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 2540 series\DriverStore\Yeti\V3\amd64\hpinkinsC211.exe
Error: (08/03/2014 04:15:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.170398a001cfaf2547606c8c0C:\WINDOWS\Explorer.EXE9a8476be-1b18-11e4-afca-00262dc0dc29
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10806110
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10806110
Error: (08/03/2014 01:25:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 33167515
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 33167515
Error: (08/03/2014 10:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 2934.6 MB
Available physical RAM: 1753.36 MB
Total Pagefile: 3446.6 MB
Available Pagefile: 2024.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.73 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:424.66 GB) (Free:391.32 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.5 GB) NTFS
Drive i: (Elements) (Fixed) (Total:931.28 GB) (Free:702.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 884D7A8E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=425 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 2 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)
==================== End Of Log ============================ Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 19:53 on 04/08/2014 by Manfred
Administrator - Elevation successful
========== filefind ==========
Searching for "*IScreeny*"
C:\Users\Manfred\AppData\Local\IScreeny\IScreeny.exe --a---- 1170888 bytes [11:56 20/06/2014] [11:56 20/06/2014] 8930CC4BCF47A5D0F86F89286523D2D0
C:\Users\Manfred\AppData\Local\IScreeny\IScreenyHelper.exe --a---- 173728 bytes [05:14 02/07/2014] [05:14 02/07/2014] AB5D62C478369E395AE558F147FE7ED2
C:\Users\Manfred\AppData\Local\Microsoft\Windows\INetCache\IE\1DFJ48FO\IScreenySetup[1].exe --a---- 2350080 bytes [12:31 01/08/2014] [12:31 01/08/2014] EA470999354126CE5835E4F62ED98F14
C:\Users\Manfred\AppData\Local\Temp\n8272\iScreenyInstall_0807-b7266691.exe --a---- 170632 bytes [12:31 01/08/2014] [12:31 01/08/2014] FF988AF505FDBF6031F76B3683B99CB3
C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IScreeny\IScreeny.lnk --a---- 1119 bytes [12:31 01/08/2014] [12:31 01/08/2014] A8CBD93A386B9FFA3E7F0EEC6B9B023C
C:\Windows\iscreenyfilter.sys --a---- 41632 bytes [05:40 25/06/2014] [05:40 25/06/2014] 373FD16D19F14EFB6B311490C389F2DA
C:\Windows\Prefetch\ISCREENY.EXE-3CC832B8.pf --a---- 16920 bytes [08:00 02/08/2014] [08:00 02/08/2014] 05402A37D5E5ADF04270DF97DCD7382A
C:\Windows\Prefetch\ISCREENYHELPER.EXE-9D48C010.pf --a---- 41268 bytes [08:00 02/08/2014] [17:44 04/08/2014] F70B8B6AB192E26924CBEEAFA69B25F8
========== folderfind ==========
Searching for "*IScreeny*"
C:\Users\Manfred\AppData\Local\IScreeny d------ [12:31 01/08/2014]
C:\Users\Manfred\AppData\Local\IScreeny\iscreenyfilterTemp d------ [12:31 01/08/2014]
C:\Users\Manfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IScreeny d------ [12:31 01/08/2014]
========== regfind ==========
Searching for "IScreeny"
[HKEY_CURRENT_USER\Software\IScreeny]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IScreeny"="C:\Users\Manfred\AppData\Local\IScreeny\IScreeny.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IScreenyUpdater"="C:\Users\Manfred\AppData\Local\IScreeny\Updater.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\IScreeny]
[HKEY_LOCAL_MACHINE\SOFTWARE\IScreeny]
@="C:\Users\Manfred\AppData\Local\IScreeny"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IScreeny]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IScreeny]
"DisplayName"="IScreeny"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IScreeny]
"UninstallString"="C:\Users\Manfred\AppData\Local\IScreeny\uninstall.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iscreenyfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iscreenyfilter]
"ImagePath"="iscreenyfilter.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iscreenyfilter]
"DisplayName"="iscreenyfilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iscreenyfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iscreenyfilter]
"ImagePath"="iscreenyfilter.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iscreenyfilter]
"DisplayName"="iscreenyfilter"
[HKEY_USERS\S-1-5-21-2440249-1944230807-1698688370-1001\Software\IScreeny]
[HKEY_USERS\S-1-5-21-2440249-1944230807-1698688370-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"IScreeny"="C:\Users\Manfred\AppData\Local\IScreeny\IScreeny.exe"
[HKEY_USERS\S-1-5-21-2440249-1944230807-1698688370-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"IScreenyUpdater"="C:\Users\Manfred\AppData\Local\IScreeny\Updater.exe"
-= EOF =- |