Hannibal_2 | 06.02.2015 20:20 | Liste der Anhänge anzeigen (Anzahl: 1) Hallo Sandra,
das Bild der Quarantäne hänge ich an.
Ich habe Deine Schritt für Schritt Anleitung durchgeführt.
hier die Logs:
Fixlog.txt Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2015
Ran by Andreas at 2015-02-06 17:14:47 Run:1
Running from C:\Users\Andreas\Desktop
Loaded Profiles: Andreas (Available profiles: Andreas)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-695030953-4224019398-3706738656-1000\...\Run: [cmd] => C:\Users\Andreas\AppData\Local\Temp\Shuka\PackerV2.exe [5165056 2014-12-14] (Packer Framework) <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PackerV2.exe.lnk
ShortcutTarget: PackerV2.exe.lnk -> C:\Users\Andreas\AppData\Local\Temp\Shuka\PackerV2.exe (Packer Framework)
C:\Users\Andreas\AppData\Local\Temp\Shuka
Update Manager for SweetPacks 1.1 (Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:375A40C3
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164
*****************
HKU\S-1-5-21-695030953-4224019398-3706738656-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cmd => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PackerV2.exe.lnk => Moved successfully.
C:\Users\Andreas\AppData\Local\Temp\Shuka\PackerV2.exe => Moved successfully.
C:\Users\Andreas\AppData\Local\Temp\Shuka => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}\\SystemComponent => value deleted successfully.
C:\ProgramData\TEMP => ":375A40C3" ADS removed successfully.
C:\ProgramData\TEMP => ":5F64C164" ADS removed successfully.
==== End of Fixlog 17:14:50 ====
AdwCleaner(S0).txt Code:
# AdwCleaner v4.110 - Bericht erstellt 06/02/2015 um 17:59:27
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Andreas - ANDREAS-PC
# Gestarted von : C:\Users\Andreas\Downloads\AdwCleaner_4.110.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
Ordner Gelöscht : C:\ProgramData\Packer
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files\SweetIM
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\Common Files\Tobit
Ordner Gelöscht : C:\Users\Andreas\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Andreas\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Tobit
Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
[!] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\1jao9sxz.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[!] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\1jao9sxz.default\Extensions\torntv@torntv.com.xpi
Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\1jao9sxz.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\1jao9sxz.default\searchplugins\Web Search.xml
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\and
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\SOFTWARE\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F04C4F83-D9C7-408C-9DEB-D5526E72108C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Internetbrowser ] *****
-\\ Internet Explorer v9.0.8112.16584
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [SEARCH PAGE]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v35.0.1 (x86 de)
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8da37f89-8891-4f3d-9a2b-7bf5ef8cf41f&affid=111583&searchtype=hp&babsrc=lnkry&installDate=01/01/1970"[...]
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledItems", "{8da37f89-8891-4f3d-9a2b-7bf5ef8cf41f}:1.0,helperbar@helperbar.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,[...]
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Country", "Germany");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23131394);
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.UserID", "8da37f89-8891-4f3d-9a2b-7bf5ef8cf41f");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Visibility", true);
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.affid", "111583");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.downloadprovider", "oc");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.installationid", "8da37f89-8891-4f3d-9a2b-7bf5ef8cf41f");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.publisher", "oc");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8da37f89-8891-4f3d-9a2b-7bf5ef8cf41f&affid=111583&searchtype=ds&babsrc=lnkry&installDate=01/01/1970&q=");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.Visibility.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.cargo", "3.1010000.10011");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.cda.returnValue", "none");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.height", "335");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.0.width", "761");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.height", "300");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.1.width", "500");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.height", "150");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dialogs.2.width", "530");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*.*.facebook.com/.*.*.google.com/.*.*.google.co.in/.*.*.google.com.br/.*.*.google.es/.*.*.youtube.com/.*.*.yahoo.com/.*.[...]
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.mode.debug", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.newtab.created", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.newtab.enable", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.apps.)?facebook\\.com.*");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.apps.)?facebook\\.com.*");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.callback", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*.*.bing..*.*.live..*.*.msn..*.*.yahoo..*.*.youtube.com.*.*ask.com.*.*.sweetim.com.*");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.search.history.capacity", "10");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.simapp_id", "{45BD610B-5421-4D88-B479-8A1A17FF0E4B}");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={45BD610B-5421-4D88-B479-8A1A17FF0E4B}");
[1jao9sxz.default\prefs.js] - Zeile Gelöscht : user_pref("sweetim.toolbar.version", "1.9.0.0");
-\\ Google Chrome v40.0.2214.94
*************************
AdwCleaner[R0].txt - [20688 Bytes] - [06/02/2015 17:54:12]
AdwCleaner[S0].txt - [20308 Bytes] - [06/02/2015 17:59:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20368 Bytes] ########## In dem Ordner von AdwCleaner war noch eine Datei AdwCleaner(R0).txt
brauchst Du die auch?
mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Update, 06.02.2015 18:19:04, SYSTEM, ANDREAS-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 06.02.2015 18:19:04, SYSTEM, ANDREAS-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 06.02.2015 18:19:21, SYSTEM, ANDREAS-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.6.6,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:20:27, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Stopping,
Protection, 06.02.2015 18:21:27, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Stopped,
Update, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Protection, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 18:22:09, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:22:11, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Update, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.6.6,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Update, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Scheduler, Malware Database, 2015.2.6.6, 2015.2.6.7,
Protection, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:55:53, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:56:27, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:56:27, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:56:30, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 19:02:51, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 19:02:53, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 19:02:53, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 19:05:40, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
(end) frst.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 18:18:56, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Update, 06.02.2015 18:19:04, SYSTEM, ANDREAS-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 06.02.2015 18:19:04, SYSTEM, ANDREAS-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 06.02.2015 18:19:21, SYSTEM, ANDREAS-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.6.6,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 18:20:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:20:27, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:20:38, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:21:26, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Stopping,
Protection, 06.02.2015 18:21:27, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Stopped,
Update, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Protection, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 18:22:08, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 18:22:09, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:22:11, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Update, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.6.6,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:22:25, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:22:36, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Update, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Scheduler, Malware Database, 2015.2.6.6, 2015.2.6.7,
Protection, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Protection, Refresh, Starting,
Protection, 06.02.2015 18:55:52, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopping,
Protection, 06.02.2015 18:55:53, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Stopped,
Protection, 06.02.2015 18:56:27, SYSTEM, ANDREAS-PC, Protection, Refresh, Success,
Protection, 06.02.2015 18:56:27, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 18:56:30, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
Protection, 06.02.2015 19:02:51, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Starting,
Protection, 06.02.2015 19:02:53, SYSTEM, ANDREAS-PC, Protection, Malware Protection, Started,
Protection, 06.02.2015 19:02:53, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Starting,
Protection, 06.02.2015 19:05:40, SYSTEM, ANDREAS-PC, Protection, Malicious Website Protection, Started,
(end) addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015
Ran by Andreas at 2015-02-06 19:18:32
Running from C:\Users\Andreas\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D-Garten 8.0 (HKLM\...\{554A4E80-0002-2006-0407-11FF59A27A18}) (Version: 8.0 - DiComp)
Acer Arcade Deluxe (HKLM\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.12.4213 - CyberLink Corporation)
Acer Crystal Eye webcam (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 7.96.701.07a - Acer Crystal Eye webcam)
Acer Crystal Eye webcam (HKLM\...\{DD1DED37-2486-4F56-8F89-56AA814003F5}) (Version: 2.0.0.8 - Acer Crystal Eye webcam)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 2.5.4012 - )
Acer eDataSecurity Management (HKLM\...\{AEEAE013-92F1-4515-B278-139F1A692A36}) (Version: 2.5.4241 - HiTRUST Inc.)
Acer eLock Management (HKLM\...\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}) (Version: 2.5.4008 - Acer Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4008 - Acer Inc.)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4008 - Acer Inc.)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4017 - Acer Inc.)
Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4011 - Acer Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.68.622 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.3003 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.12.20070515 - Acer Inc.)
Acer Tour (HKLM\...\{94389919-B0AA-4882-9BE8-9F0B004ECA35}) (Version: 2.0.1003 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader 8.1.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM\...\AFPL Ghostscript 8.54) (Version: - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version: - )
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - Alps Electric)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
Avira (HKLM\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Big Kahuna Reef 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}) (Version: - Oberon Media)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Crystal Reports Modules (HKLM\...\{957344B3-FD27-45B5-8026-44FEAB0F340A}) (Version: 1.0.0 - ideYAPI LTD.)
DATA BECKER 3D Garten Designer 9 (HKLM\...\3D Garten Designer 9_is1) (Version: 9.0 - DATA BECKER GmbH & Co. KG)
Denken und Rechnen 2 (HKLM\...\Denken und Rechnen 2) (Version: - )
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: - )
Dynasty (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}) (Version: - Oberon Media)
Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.42.1212 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Galapago (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Garmin Communicator Plugin (HKLM\...\{86B879A5-927E-4536-B5FC-17CA96B60078}) (Version: 2.6.4 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{B1102A25-3AA3-446B-AA0F-A699B07A02FD}) (Version: 1.0.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
ideCAD Architektur 5 Demo (HKLM\...\{8CE203AB-DD76-4340-A4BA-DBCCA19027B4}) (Version: 5.49.000 - )
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Luxor 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
meinHausplaner (HKLM\...\meinHausplaner) (Version: - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Prime Suspects (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}) (Version: - Oberon Media)
Mystery Case Files Ravenhearst (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}) (Version: - Oberon Media)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
NTI Backup NOW! 4.7 (HKLM\...\{67ADE9AF-5CD9-4089-8825-55DE4B366799}) (Version: 4 - NewTech Infosystems)
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.7 - Nikon)
Poker Mania (HKLM\...\Poker Mania) (Version: - )
PowerProducer 3.72 (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074117(3.7)_Vista_Acer - CyberLink Corporation)
Protect Disc License Helper 1.0.118 (HKLM\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Samsung Master (HKLM\...\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}) (Version: 1.1.14 - Samsung)
Sandlot Games Client Services (HKLM\...\Sandlot Games Client Services_is1) (Version: - Sandlot Games)
Star Defender 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111730193}) (Version: - Oberon Media)
Texas Hold'em Poker 3D - Deluxe Edition 1.0 (HKLM\...\{E8889865-31D8-4BE9-8CE4-20AEF81AD85E}_is1) (Version: Texas Hold'em Poker 3D - Deluxe Edition - S.A.D. GmbH)
Treasures of the Deep (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}) (Version: - Oberon Media)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for Office 2007 (KB934528) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}) (Version: - )
Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version: - )
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.6.0 - Nikon)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (HKLM\...\45A7283175C62FAC673F913C1F532C5361F97841) (Version: 03/08/2007 2.2.1.0 - Garmin)
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{015C652B-6D65-49E9-9A0F-F9A2E1C4678E}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{05F12417-022F-4164-8D3E-5F04C787DE31}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{07B2FFC7-FFF6-471C-AEC2-A93478209B06}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{08C5B872-ECA4-11D4-A7B9-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{23C3C2C4-FA91-11D3-A6DC-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{2CC7C7B2-9B2D-11d3-9099-00A0C9E71419}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{343D9CAF-DA8E-11D3-9C9A-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{343D9CB1-DA8E-11D3-9C9A-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{343D9CB3-DA8E-11D3-9C9A-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{343D9CB9-DA8E-11D3-9C9A-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{377EBDC3-D059-11D4-A7A3-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{38F91081-BA6D-4659-BF13-1712E85C953E}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{3D4F2CB5-268C-4C2D-A055-6D66D527E44D}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{3E5BBAF2-F63A-4EB7-A356-9C4BBD494CA9}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{3ECFE218-336F-44C8-8911-BB501477F201}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{401643B8-C6EB-11D4-A79B-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{4126E7DD-2705-458D-9459-9AB8C18CDEA1}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\datadefmodel.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{454CC187-E49D-11D3-9CA2-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{479DDB54-7CD7-11D3-A657-00902771E565}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\tslv.dll ()
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{660ADE75-F449-11D3-A6D2-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{660ADE77-F449-11D3-A6D2-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{771C41D0-CCB4-456B-AE1E-7CBAE6298B40}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{7DE5C439-9CF2-4761-AFFD-C1A053782B30}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\datadefmodel.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{84663529-9F6C-4C15-9F36-5E3F5FFFD1DA}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{86C49566-24FD-487F-8D3A-CFBB1CB240E6}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\datadefmodel.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{8D7D6A02-D121-11D4-A7A4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{8D7D6A04-D121-11D4-A7A4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{8E205F3C-52CE-4578-AC81-A7089CDD6073}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\keycodeV2.dll (Crystal Decisions)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{948D9136-1C5A-4C1A-B59D-EBAA269B45E0}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{985E4039-F6AE-11D3-9CB4-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{999BCD90-23D9-4890-948B-D0AE7078CF0A}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\saxmlserialize.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9CD5A7CF-1E0F-48CB-A70A-7B188951D04B}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9DFDA656-6083-4330-A8FA-D538ACBBB172}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9FB0B350-2265-11D2-BF06-00A0C9B82ABA}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\s2sqlprs.dll (Seagate Software, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9FB0B352-2265-11D2-BF06-00A0C9B82ABA}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\s2sqlprs.dll (Seagate Software, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9FB0B357-2265-11D2-BF06-00A0C9B82ABA}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\s2sqlprs.dll (Seagate Software, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{9FB0B359-2265-11D2-BF06-00A0C9B82ABA}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\s2sqlprs.dll (Seagate Software, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A1F5F582-001B-11D4-A6E1-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A57AA692-F5E2-11D3-A6D4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A57AA69A-F5E2-11D3-A6D4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A57AA69C-F5E2-11D3-A6D4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A6584661-F925-11D3-A6D8-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{A798775F-0C79-4AFD-A972-B5E8AD6C1ADE}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{B7E8605E-329E-11D4-AAA2-00902741F1FC}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\crqe.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{C113DA70-E957-11D3-A6C7-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{C978FD27-F390-11D3-A6D1-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{C978FD29-F390-11D3-A6D1-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{CFA1F8B3-46F9-444B-AA19-7A284D008A74}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E092-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E09B-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E09F-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E0A1-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E0A3-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E0A5-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E0A7-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D330E0A9-F158-11D4-A7BE-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{D97C7D7D-FF5B-4802-BE3F-D8748E986F7B}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\keycodeV2.dll (Crystal Decisions)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{DBA36674-FB63-11D3-9CB6-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{DBA36678-FB63-11D3-9CB6-00A0C9C84608}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{E04F5EF0-FF09-4C86-B0EC-A4EC377C4DCF}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\saxmlserialize.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{E69D927A-9686-4CE1-800C-FF739EEC7EB3}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{E86BB58D-0A87-4DE2-92F7-E74DA7FEBB3F}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\SACommonControls.dll (Crystal Decisions Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{F986A051-D154-11d4-A7A4-00902771FF87}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\ExportModeller.dll (Crystal Decisions, Inc.)
CustomCLSID: HKU\S-1-5-21-695030953-4224019398-3706738656-1000_Classes\CLSID\{FA189F65-BFB2-4cb7-BC35-0E97F508011E}\InprocServer32 -> C:\Program Files\Common Files\Crystal Decisions\1.0\Bin\keycodeV2.dll (Crystal Decisions)
==================== Restore Points =========================
15-01-2015 20:35:54 Windows Update
15-01-2015 20:56:42 Windows Update
31-01-2015 10:18:40 Windows Update
05-02-2015 19:27:44 Windows Update
06-02-2015 17:21:19 Removed Java(TM) 6 Update 26
06-02-2015 17:25:17 Removed Linkury Smartbar
06-02-2015 17:27:10 Removed Linkury Smartbar
06-02-2015 17:32:57 Removed Java(TM) 6 Update 26
06-02-2015 17:34:34 Removed Linkury Smartbar
06-02-2015 17:41:32 Revo Uninstaller's restore point - Linkury Smartbar
06-02-2015 17:41:51 Removed Linkury Smartbar
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {166C06E1-F91D-4CB8-B3A3-91DD8FC124DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1DBC7DE7-C3B3-42CD-A466-FDA8D0999B43} - System32\Tasks\Microsoft\Windows\RestartManager\{2357A169-3205-4d6d-A548-F79A8EB9ECED} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {6825395E-9EE3-4726-BB58-61CF6B2FABB9} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Andreas => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {B2DA1320-4CAA-4C9F-BE59-03B990FD3591} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {D1F3D537-21BC-4FC1-A892-FF6446892A45} - System32\Tasks\{F4D13830-066A-4B6E-81E6-7BE644EDCC8D} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Temp\Temp2_mein_hpl_2008.zip\MEIN_HPL_2008.exe
Task: {E2D74F6A-F7CC-4CB4-A6C3-24F63F25301D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {EF1FDE15-725D-45E7-975B-0A8C0192EE0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {F6FA62FD-07E0-4660-8737-36157ED84369} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-30] (Google)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2009-08-02 21:43 - 2005-01-06 17:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2007-07-28 11:16 - 2007-01-26 13:24 - 00050688 _____ () C:\Acer\ALaunch\ALaunchSvc.exe
2007-07-28 10:55 - 2006-11-24 11:57 - 00107008 _____ () C:\Acer\Mobility Center\MobilityService.exe
2007-07-28 10:55 - 2006-10-24 09:54 - 00033280 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2007-07-28 10:53 - 2007-01-23 14:48 - 00266343 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-09-07 21:24 - 2007-02-13 05:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
2007-09-07 21:24 - 2007-02-13 05:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\IERYETF.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2007-07-28 10:38 - 2007-06-28 17:50 - 00114688 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2007-04-25 15:30 - 2007-04-25 15:30 - 00063488 _____ () C:\Windows\system32\ShowErrMsg.dll
2007-04-25 15:31 - 2007-04-25 15:31 - 00028672 _____ () C:\Windows\system32\BatchCrypto.dll
2007-07-28 10:33 - 2007-02-07 08:25 - 00208896 _____ () C:\Acer\Empowering Technology\EPOWER\SysHook.dll
2007-07-28 10:24 - 2007-06-15 15:15 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2007-07-28 10:24 - 2007-06-15 15:47 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2007-07-28 10:39 - 2007-06-11 13:54 - 00106496 _____ () C:\Acer\Empowering Technology\eAudio\eAudioUI.dll
2007-07-28 10:39 - 2007-03-22 10:51 - 00003584 _____ () C:\Acer\Empowering Technology\eAudio\de\eAudioUI.resources.dll
2007-07-28 10:35 - 2007-04-11 15:42 - 00307200 _____ () C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
2007-07-28 10:35 - 2007-04-11 14:07 - 00077824 _____ () C:\Acer\Empowering Technology\ePresentation\de\ePresentationCTL.resources.dll
2007-07-28 10:37 - 2007-05-24 08:53 - 00679936 _____ () C:\Acer\Empowering Technology\eLock\eLockCTL.dll
2007-07-28 10:37 - 2007-05-24 08:53 - 00106496 _____ () C:\Acer\Empowering Technology\eLock\de\eLockCTL.resources.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2007-07-28 20:21 - 2007-06-13 15:56 - 00249856 ____R () C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00003584 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
2007-07-28 10:38 - 2007-06-28 17:50 - 00010752 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll
2009-10-20 20:02 - 2010-05-06 20:50 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-695030953-4224019398-3706738656-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-695030953-4224019398-3706738656-500 - Administrator - Disabled)
Andreas (S-1-5-21-695030953-4224019398-3706738656-1000 - Administrator - Enabled) => C:\Users\Andreas
ASPNET (S-1-5-21-695030953-4224019398-3706738656-1002 - Limited - Enabled)
Gast (S-1-5-21-695030953-4224019398-3706738656-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2015 07:02:34 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (02/06/2015 05:41:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {76884a30-9290-4e7b-84cd-d09503961cd0}
Error: (02/06/2015 04:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung avira_de.exe, Version 1.1.29.22350, Zeitstempel 0x52974fc4, fehlerhaftes Modul WixStdBA.dll, Version 3.8.2431.0, Zeitstempel 0x54a3de01, Ausnahmecode 0xc0000005, Fehleroffset 0x00005689,
Prozess-ID 0x1508, Anwendungsstartzeit avira_de.exe0.
Error: (01/31/2015 04:23:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
bei System.Windows.Media.Composition.DUCE+Channel.SyncFlush()
bei System.Windows.Media.MediaContext.CompleteRender()
bei System.Windows.Interop.HwndTarget.OnResize()
bei System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
bei System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei System.Windows.Forms.UnsafeNativeMethods.GetMessageW(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/31/2015 04:22:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: e34
Anfangszeit: 01d03d67f4e0bef0
Zeitpunkt der Beendigung: 513
Error: (01/31/2015 10:38:14 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Andreas-PC)
Description: 0Avira.OE.ServiceHost.exeAvira Service Host03026216123682343003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00530070006500650064007500700043006F006E006E006500630074006F0072002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00530065007200760069006300650048006F00730074002E00650078006500000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E004100760043006F006E006E006500630074006F0072004E00610074006900760065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00440072006F00700062006F00780043006F006E006E006500630074006F0072002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C0057006500620053006F0063006B006500740034004E00650074002E0064006C006C00000043003A005C00570069006E0064006F00770073005C00730079007300740065006D00330032005C006D0073007600630070003100320030002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E004100760043006F006E006E006500630074006F0072002E0049006E0074006500720066006100630065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E0043006F006D006D0075006E0069006300610074006F0072002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00640065002D00440045005C00410076006900720061002E004F0045002E00530065007200760069006300650048006F00730074002E007200650073006F00750072006300650073002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C004E004C006F0067002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E004E006100740069007600650043006F00720065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00530070006500650064007500700043006F006E006E006500630074006F0072002E0049006E0074006500720066006100630065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C004D0069007800700061006E0065006C002E004E00450054002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00420072006F00770073006500720045007800740065006E00730069006F006E0043006F006E006E006500630074006F0072002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00570069006E0043006F00720065002E0049006E0074006500720066006100630065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C0049006F006E00690063002E005A00690070002E0052006500640075006300650064002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E004100760043006F006E006E006500630074006F0072002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00530065007200760069006300650053007400610063006B002E0054006500780074002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00440072006F00700062006F00780043006F006E006E006500630074006F0072002E0049006E0074006500720066006100630065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E00570069006E0043006F00720065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00410076006900720061002E004F0045002E0043006F006D006D0075006E0069006300610074006F0072002E0049006E0074006500720066006100630065002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C00410076006900720061005C004D0079002000410076006900720061005C00530079007300740065006D002E0044006100740061002E00530051004C006900740065002E0064006C006C00000043003A005C00570069006E0064006F00770073005C00730079007300740065006D00330032005C006D0073007600630072003100320030002E0064006C006C000000
Error: (01/31/2015 10:21:33 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
bei System.Windows.Media.Composition.DUCE+Channel.SyncFlush()
bei System.Windows.Media.MediaContext.CompleteRender()
bei System.Windows.Interop.HwndTarget.OnResize()
bei System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
bei System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei System.Windows.Forms.UnsafeNativeMethods.GetMessageW(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/31/2015 10:08:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung PackerV2.exe, Version 2.1.1615.1214, Zeitstempel 0x548d9b76, fehlerhaftes Modul PackerV2.exe, Version 2.1.1615.1214, Zeitstempel 0x548d9b76, Ausnahmecode 0xc0000005, Fehleroffset 0x00033793,
Prozess-ID 0xd2c, Anwendungsstartzeit PackerV2.exe0.
Error: (01/31/2015 10:06:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Avira.OE.Setup.Bundle.exe, Version 1.1.27.25527, Zeitstempel 0x52974fc4, fehlerhaftes Modul WixStdBA.dll, Version 3.8.2028.0, Zeitstempel 0x5458d5e9, Ausnahmecode 0xc0000005, Fehleroffset 0x00005600,
Prozess-ID 0xa9c, Anwendungsstartzeit Avira.OE.Setup.Bundle.exe0.
Error: (01/15/2015 09:13:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
System errors:
=============
Error: (02/06/2015 07:06:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86
Error: (02/06/2015 07:02:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (02/06/2015 06:02:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (02/06/2015 05:59:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Softwarelizenzierung11200001Neustart des Diensts
Error: (02/06/2015 05:59:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Avira Service Host1100001Neustart des Diensts
Error: (02/06/2015 05:59:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0101Neustart des Diensts
Error: (02/06/2015 05:59:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Neustart des Diensts
Error: (02/06/2015 05:59:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ALaunch Service1
Error: (02/06/2015 05:59:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ePower Service1
Error: (02/06/2015 05:59:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: eSettings Service1600001Neustart des Diensts
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-02-06 19:18:19.479
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:18.559
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:17.623
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:16.671
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:15.501
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:14.565
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:13.629
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:18:12.662
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:17:28.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-06 19:17:27.890
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-52
Percentage of memory in use: 61%
Total physical RAM: 1790.19 MB
Available physical RAM: 692.31 MB
Total Pagefile: 3828.9 MB
Available Pagefile: 2128.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.94 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:69.77 GB) (Free:18.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:69.52 GB) (Free:21.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: B5BBB0F3)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=69.8 GB) - (Type=06)
Partition 3: (Not Active) - (Size=69.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Das sind ne Menge Daten. Ich hoffe ich habe nichts vergessen.
Sollte man evtl. mit den Programmen AdwCleaner und Malwarebytes Anti-Malware regelmäßig einen Scan vom dem System machen lassen?
Ich habe noch eine externe Festplatte. Die hängt aber nur sporadisch am Rechner. Sollte man da auch mal suchen lassen?
Viele Grüße
Andreas |