Kampffisch | 20.02.2015 22:06 | ier einer vom 15.2 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 15.02.2015
Suchlauf-Zeit: 10:53:32
Logdatei: junkjnk.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.02.13.08
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Andi
Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 536890
Verstrichene Zeit: 1 Std, 18 Min, 23 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, 3224, Löschen bei Neustart, [23efa8724842e0568e624f6427da4ab6]
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 6
PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, In Quarantäne, [23efa8724842e0568e624f6427da4ab6],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [ae64a674b6d43501747c545f14ed2dd3],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [b06258c2711970c69949888827deb34d],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [0f03b763f59590a67e637c94b64f916f],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, In Quarantäne, [ce4441d998f21e188dec13a16d96f10f],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, In Quarantäne, [ed25f723e4a69e988492971710f31de3],
Registrierungswerte: 2
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, In Quarantäne, [ce4441d998f21e188dec13a16d96f10f]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, In Quarantäne, [ed25f723e4a69e988492971710f31de3]
Registrierungsdaten: 2
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll, Gut: (), Schlecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll),Ersetzt,[8c867f9b3d4d2d09f1ff288b4fb2f20e]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL , Gut: (), Schlecht: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL),Ersetzt,[c0525bbfee9cfe38b43cf7bcfd04d42c]
Ordner: 25
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\SearchProtect, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\SearchProtect\rep, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\UI, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\UI\rep, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
Dateien: 121
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, Löschen bei Neustart, [23efa8724842e0568e624f6427da4ab6],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, Löschen bei Neustart, [cc469783d0ba2e0821cfddd67e83738d],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, Löschen bei Neustart, [46cc34e67e0c0135d51b5a59c93815eb],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll, Löschen bei Neustart, [8c867f9b3d4d2d09f1ff288b4fb2f20e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll, Löschen bei Neustart, [c0525bbfee9cfe38b43cf7bcfd04d42c],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, Löschen bei Neustart, [0e04c753c6c468ce856b0fa402ffb947],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, Löschen bei Neustart, [ae64a674b6d43501747c545f14ed2dd3],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun, Löschen bei Neustart, [070b8c8edab07abc67fe8192f70bf30d],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll, Löschen bei Neustart, [749e1dfd137759ddc62acde60100f808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, Löschen bei Neustart, [e2308b8f97f344f2549c644f6998bf41],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, Löschen bei Neustart, [2ae8ac6ebecc3afcb63a278cb948d12f],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, Löschen bei Neustart, [f31fde3c55352d09a34d565d010060a0],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir, In Quarantäne, [3cd603175b2fb680f6fafdb6b64b4eb2],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir, In Quarantäne, [55bd8b8fbbcfd363658b288bcf322bd5],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir, In Quarantäne, [c84a6fab03870e2850a0c0f30ef33dc3],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun.vir, In Quarantäne, [898921f9acde3204b4b12be814eee61a],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir, In Quarantäne, [e929f723dbaf0333ca26466dfa07fc04],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir, In Quarantäne, [070b5fbb078338fe03ed5261758cad53],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir, In Quarantäne, [eb27041686045fd79759cee5a45d27d9],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir, In Quarantäne, [8f835ebcd8b2003610e0a70cbc4554ac],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir, In Quarantäne, [20f24ecc701a2115d11fd0e3936e629e],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir, In Quarantäne, [5fb394863f4bea4c1ad6f0c3b150bf41],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir, In Quarantäne, [3bd75dbd7c0e0333f9f7d1e229d80af6],
PUP.Optional.SearchProtect.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir, In Quarantäne, [030fbd5d2466e1555f91edc6cb3641bf],
PUP.Optional.SearchProtect, C:\Users\Andi\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe, In Quarantäne, [789ae13993f70c2a4025d2419171a957],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\pbqrmvbub, In Quarantäne, [39d99882eb9f9b9b767ae9cac73ad62a],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\Microsoft\Windows\INetCache\IE\3L0UTDF0\Stub[1].exe, In Quarantäne, [e131b9613951a4928d31189042bf7090],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\Microsoft\Windows\INetCache\IE\MXZRN0CL\Setup[1].exe, In Quarantäne, [31e124f66a204fe79a5662513ac7946c],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\Temp\utt6E36.tmp.exe, In Quarantäne, [7d9556c40585979f3c82dbcdd32e0000],
PUP.Optional.SoftPulse.gen, C:\Users\Andi\AppData\Local\Temp\eFU5kk9g.exe.part, In Quarantäne, [24eed743484257dff96325f3a161b947],
PUP.Adware.Agent, C:\Users\Andi\AppData\Local\Temp\PositiveFinds\Setup.exe, In Quarantäne, [8b8789915337df57ab1fa363de22a65a],
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll, Löschen bei Neustart, [18fa60ba414921153db35d569869cd33],
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\nbin\VC32Loader.dll, Löschen bei Neustart, [8c8618028efc80b636ba7340837e3cc4],
PUP.Optional.Trovi.A, C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\searchplugins\trovi.xml, In Quarantäne, [e32f14060486d6603b255638030040c0],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\cfi.bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\edk.bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\pni.bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\trn.bin, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, Löschen bei Neustart, [3fd3d7435d2dd26470bd9c5b28dc4eb2],
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Löschen bei Neustart, [46ccb06a92f8ab8b74714dc310f55fa1],
PUP.Optional.Avaxvavya.A, C:\Windows\System32\Tasks\avaxvyyvyf, In Quarantäne, [878b59c1503aa096f54fa3762dd8916f],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Löschen bei Neustart, [937f4bcfa6e4082e695c3038e41f8b75],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\bahvxfk, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\mkfvxfk, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\pvpqbjobmlpfqlovvawq, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\qokvxfk, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\rfobmlpfqlovvawq, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\rpboobmlpfqlovvawq, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\stb.dat, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.SearchProtect.A, C:\Users\Andi\AppData\Local\avaxvyyvyf\ycfvxfk, In Quarantäne, [fe14a9710882082e630b256663a05ea2],
PUP.Optional.Trovi.A, C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MF4791797-2CB9-4962-B1EC-E7743A74D1CD&SearchSource=55&CUI=&UM=8&UP=SP83C8C27E-46A1-4506-ABC6-6333AB03F494&SSPV=");), Ersetzt,[b55d7f9b0b7f1026e145d9220203966a]
PUP.Optional.Trovi.A, C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MF4791797-2CB9-4962-B1EC-E7743A74D1CD&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP83C8C27E-46A1-4506-ABC6-6333AB03F494");), Ersetzt,[54be9f7b66240a2cdf4817e408fdfa06]
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Andi (administrator) on DEISTER on 20-02-2015 22:10:11
Running from C:\Users\Andi\Desktop
Loaded Profiles: Andi (Available profiles: Andi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Time Lapse Solutions) C:\ProgramData\rJDRDPLhi\lhOYKYn.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
() C:\Program Files (x86)\PHotkey\Dolbyosd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Farbar) C:\Users\Andi\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3278088 2014-07-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-08-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393520 2014-08-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: buyyandbirrowaSe -> {d251ad2b-1095-4530-9785-a87e719e24ac} -> C:\Program Files (x86)\buyyandbirrowaSe\covq6NwOrKB6UE.dll ()
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\searchplugins\webssearches.xml
FF Extension: MedPlayV3.1 - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\b6e4f54065ff48dd97db30ca@c9b45f807bf54a45a4669e51c.com [2015-02-15]
FF Extension: Xmarks - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\foxmarks@kei.com [2015-01-14]
FF Extension: PlusBrowSRAps2.5 - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\NAUPP49116685@MVOEOKE10798312.com [2015-02-15]
FF Extension: Search Enginer - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\searchengine@gmail.com [2015-02-15]
FF Extension: thefoxonlybetterquicksaver - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\thefoxonlybetter@quicksaver [2015-02-19]
FF Extension: youtubeunblockerunblockeryt - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\youtubeunblocker@unblocker.yt [2015-02-19]
FF Extension: buuYandbrowwSSE - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\yuR@D.net [2015-02-02]
FF Extension: c151d79ee61b4a90a8875a46d38fba99 - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99} [2015-02-19]
FF Extension: NoScript - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-02]
FF Extension: Adblock Plus - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-13]
FF Extension: Positive Finds - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\Extensions\{f47391f8-d25a-4213-814d-d386acf92dcf}.xpi [2015-02-12]
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\y8szgoz2.default\extensions\searchengine@gmail.com
Chrome:
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hppp&ts=1424032548&from=tugs&uid=HGSTXHTS725050A7E630_RC250ACB0D8S9J0D8S9JX
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hppp&ts=1424032548&from=tugs&uid=HGSTXHTS725050A7E630_RC250ACB0D8S9J0D8S9JX"
CHR DefaultSearchKeyword: Default -> istartsurf
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-15]
CHR Extension: (YouTube) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]
CHR Extension: (Google Sheets) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (gmimocjjppdelmhpcmpkhekmpoddgima) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmimocjjppdelmhpcmpkhekmpoddgima [2015-02-20]
CHR Extension: (lafgkmgbfkfpbhepoolagpahghdhmaop) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lafgkmgbfkfpbhepoolagpahghdhmaop [2015-02-19]
CHR Extension: (Google Wallet) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (paegkacdgdffjjiepbbdcgkfgnjcdonl) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\paegkacdgdffjjiepbbdcgkfgnjcdonl [2015-02-19]
CHR Extension: (Gmail) - C:\Users\Andi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-07-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-06-24] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 lhOYKYn; C:\ProgramData\rJDRDPLhi\lhOYKYn.exe [2733544 2015-02-15] (Time Lapse Solutions)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2014-03-04] () [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll",ENT
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-02-13] ()
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [23816 2014-07-01] (ELAN Microelectronic Corp.)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-20] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-06-24] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corporation )
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-20 22:10 - 2015-02-20 22:10 - 00018129 _____ () C:\Users\Andi\Desktop\FRST.txt
2015-02-20 22:09 - 2015-02-20 22:10 - 00000000 ____D () C:\FRST
2015-02-20 22:08 - 2015-02-20 22:08 - 02086912 _____ (Farbar) C:\Users\Andi\Desktop\FRST64(1).exe
2015-02-20 21:56 - 2015-02-20 21:56 - 00026027 _____ () C:\Users\Andi\Desktop\junkjnk.txt
2015-02-20 21:54 - 2015-02-20 21:54 - 00004065 _____ () C:\Users\Andi\Desktop\ghgj.txt
2015-02-20 21:54 - 2015-02-20 21:54 - 00000336 _____ () C:\Users\Andi\Desktop\jj.txt
2015-02-17 21:02 - 2015-02-20 21:12 - 00000000 ____D () C:\Users\Andi\AppData\Local\ZombieInvasion
2015-02-17 20:11 - 2015-02-17 20:11 - 00243664 _____ () C:\Users\Andi\Downloads\Firefox Setup Stub 35.0.1.exe
2015-02-17 14:03 - 2015-02-17 17:04 - 00001957 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-15 21:48 - 2015-02-15 21:48 - 00001284 _____ () C:\Users\Andi\Desktop\Revo Uninstaller.lnk
2015-02-15 21:44 - 2015-02-15 21:48 - 00000000 ____D () C:\ProgramData\rJDRDPLhi
2015-02-15 21:43 - 2015-02-15 21:45 - 00000000 ____D () C:\Program Files (x86)\Cinemax Plus 1.9cV15.02
2015-02-15 21:43 - 2015-02-15 21:43 - 00000000 ____D () C:\Program Files (x86)\4bf237b8-803c-4cad-8ece-2db7514c4a71
2015-02-15 21:42 - 2015-02-15 21:42 - 00000000 ____D () C:\ProgramData\{8841397d-393c-30ac-8841-1397d393e5f4}
2015-02-15 21:36 - 2015-02-15 21:49 - 00000000 ___HD () C:\Users\Public\Temp
2015-02-15 21:35 - 2015-02-17 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-15 21:34 - 2015-02-15 21:58 - 00000000 ____D () C:\Program Files (x86)\PlusBrowSRAps2.5
2015-02-15 21:34 - 2015-02-15 21:35 - 00000000 ____D () C:\Program Files (x86)\MedPlayV3.1
2015-02-15 21:34 - 2015-02-15 21:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinst_01009.Wdf
2015-02-15 21:33 - 2015-02-20 21:38 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 21:33 - 2015-02-20 21:38 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 21:33 - 2015-02-15 21:36 - 00000000 ____D () C:\Users\Andi\AppData\Local\Google
2015-02-15 21:33 - 2015-02-15 21:35 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-15 21:33 - 2015-02-15 21:33 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-15 21:33 - 2015-02-15 21:33 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-15 21:32 - 2015-02-15 21:32 - 00695760 _____ () C:\Users\Andi\Downloads\ChromeSetup.exe
2015-02-15 21:18 - 2015-02-15 21:18 - 00001520 _____ () C:\Users\Andi\Desktop\JRT.txt
2015-02-15 21:18 - 2015-02-15 21:18 - 00000000 ____D () C:\Program Files\McAfee
2015-02-15 21:10 - 2015-02-15 21:11 - 01388274 _____ (Thisisu) C:\Users\Andi\Downloads\JRT.exe
2015-02-15 21:05 - 2015-02-15 21:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-15 21:05 - 2015-02-15 21:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Andi\Desktop\revosetup95.exe
2015-02-15 20:52 - 2015-02-15 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-02-15 16:50 - 2015-02-15 16:50 - 00022512 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-02-15 10:46 - 2015-02-15 10:46 - 02134528 _____ (Farbar) C:\Users\Andi\Downloads\FRST64.exe
2015-02-14 20:40 - 2015-02-14 20:40 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\WinRAR
2015-02-14 20:40 - 2008-05-11 00:01 - 701775872 _____ () C:\Users\Andi\Desktop\lidl-winxp7in1.iso
2015-02-14 20:39 - 2015-02-15 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-14 20:39 - 2015-02-14 20:39 - 02059896 _____ () C:\Users\Andi\Downloads\winrar-x64-520d.exe
2015-02-14 20:39 - 2015-02-14 20:39 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-13 23:57 - 2015-02-17 20:52 - 00000000 ____D () C:\AdwCleaner
2015-02-13 23:56 - 2015-02-13 23:57 - 02112512 _____ () C:\Users\Andi\Desktop\AdwCleaner_4.110.exe
2015-02-13 23:31 - 2015-02-13 23:31 - 00000000 ____D () C:\Users\Andi\Downloads\David Cross_ HITS_
2015-02-13 23:25 - 2015-02-13 23:25 - 00000000 _____ () C:\autoexec.bat
2015-02-13 23:24 - 2015-02-13 23:24 - 00003320 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-02-13 23:24 - 2015-02-13 23:24 - 00000000 ____D () C:\sh4ldr
2015-02-13 23:23 - 2015-02-15 21:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-02-13 23:23 - 2015-02-13 23:23 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-02-13 23:22 - 2015-02-13 23:22 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Andi\Downloads\SpyHunter-Installer.exe
2015-02-12 14:12 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:12 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 00:15 - 2015-02-15 10:48 - 00000000 ____D () C:\Users\Andi\Downloads\backups
2015-02-12 00:14 - 2015-02-15 10:41 - 00012415 _____ () C:\Users\Andi\Downloads\hijackthis.log
2015-02-12 00:13 - 2015-02-12 00:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andi\Downloads\HijackThis.exe
2015-02-12 00:07 - 2015-02-14 13:52 - 00000000 ____D () C:\Users\Andi\Downloads\Microsoft.Windows.XP.7in1.German.inkl.SP3-Lidl
2015-02-12 00:06 - 2015-02-12 00:06 - 00000000 ____D () C:\Users\Andi\Downloads\Sour Soul Bundle
2015-02-12 00:05 - 2015-02-12 00:05 - 00000899 _____ () C:\Users\Andi\Desktop\µTorrent.lnk
2015-02-12 00:05 - 2015-02-12 00:05 - 00000879 _____ () C:\Users\Andi\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-12 00:04 - 2015-02-15 10:46 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\uTorrent
2015-02-12 00:04 - 2015-02-12 00:04 - 01740880 _____ (BitTorrent Inc.) C:\Users\Andi\Downloads\uTorrent.exe
2015-02-11 23:59 - 2015-02-11 23:59 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\DesktopIconGoodgame
2015-02-11 23:27 - 2015-02-11 23:47 - 32358400 _____ () C:\Users\Andi\Downloads\XP.Home.Edition.OEM.SP3.GER-RHB.rar.part
2015-02-11 19:57 - 2015-02-11 19:57 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-02-11 19:56 - 2015-02-11 19:56 - 00001171 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-02-11 19:56 - 2015-02-11 19:56 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-02-11 19:56 - 2015-02-11 19:56 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\Canneverbe Limited
2015-02-11 19:56 - 2015-02-11 19:56 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-02-11 19:55 - 2015-02-11 19:55 - 05409016 _____ (Canneverbe Limited ) C:\Users\Andi\Downloads\cdbxp_setup_4.5.4.5306_minimal(1).exe
2015-02-11 19:54 - 2015-02-11 19:55 - 05409016 _____ (Canneverbe Limited ) C:\Users\Andi\Downloads\cdbxp_setup_4.5.4.5306_minimal.exe
2015-02-11 19:43 - 2015-02-11 20:13 - 666894336 _____ () C:\Users\Andi\Downloads\xp_deutsch_32.iso
2015-02-11 01:05 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 01:05 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 01:05 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 01:05 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 01:05 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 01:05 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 01:05 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 01:05 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 01:05 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 01:05 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:05 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 01:05 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 01:05 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 01:05 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 01:05 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 01:05 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 01:05 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 01:04 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 01:04 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 01:04 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 01:04 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 01:04 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 01:04 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 01:04 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 01:04 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 01:04 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 01:04 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 01:04 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 01:04 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 01:04 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 01:04 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 01:04 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 01:04 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 01:04 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 01:04 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 01:04 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 01:04 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 01:04 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 01:04 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 01:04 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 01:04 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 01:04 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 01:04 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 01:04 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 01:04 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 01:04 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 01:04 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 01:04 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 01:04 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 01:04 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 01:04 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 01:04 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 01:04 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 01:04 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 01:04 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 01:04 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 01:04 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 01:04 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 01:04 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 01:04 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 01:04 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 01:04 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 01:04 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 01:04 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 01:04 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 01:04 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 01:04 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 01:04 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 01:04 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 01:04 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 01:04 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-06 12:04 - 2015-02-01 15:46 - 00030720 ____H () C:\Users\Andi\Desktop\~WRL0001.tmp
2015-02-03 14:50 - 2015-02-03 14:50 - 00000000 ____D () C:\ProgramData\coupcoup
2015-02-02 09:00 - 2015-02-15 21:43 - 00000000 ____D () C:\Program Files (x86)\buyyandbirrowaSe
2015-02-02 09:00 - 2015-02-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Proofread Bot Grammar and Style Checker
2015-02-02 09:00 - 2015-02-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Free2youe
2015-02-02 09:00 - 2015-02-02 21:34 - 00000000 ____D () C:\Program Files (x86)\buuYandbrowwSSE
2015-02-01 16:42 - 2015-02-01 16:42 - 00000000 __SHD () C:\Users\Andi\AppData\Local\EmieBrowserModeList
2015-02-01 11:36 - 2015-02-01 11:36 - 00000000 ____D () C:\Users\Andi\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-01 11:15 - 2015-02-01 11:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1040584371-3716677195-284654461-1001
2015-02-01 11:15 - 2015-02-01 11:15 - 00000000 ___RD () C:\Users\Andi\OneDrive
2015-02-01 11:14 - 2015-02-01 11:14 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-02-01 11:07 - 2015-02-01 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-01 11:06 - 2015-02-08 11:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-01 11:05 - 2015-02-01 11:05 - 01064632 _____ (Microsoft Corporation) C:\Users\Andi\Downloads\Setup.X86.de-DE_O365HomePremRetail_475a790f-447c-40a6-b22a-bd08a3094428_TX_DB_.exe
2015-02-01 11:05 - 2015-02-01 11:05 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-02-01 11:05 - 2008-04-21 20:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9C.DLL
2015-01-27 03:33 - 2015-02-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 21:34 - 2015-01-25 21:34 - 00000000 ____D () C:\Users\Andi\Documents\CyberLink
2015-01-25 21:34 - 2015-01-25 21:34 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\CyberLink
2015-01-23 20:58 - 2015-02-20 21:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 20:58 - 2015-01-23 20:58 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-23 20:58 - 2015-01-23 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-23 20:58 - 2015-01-23 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 20:58 - 2015-01-23 20:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-23 20:58 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 20:58 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-23 20:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-23 20:57 - 2015-01-23 20:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Andi\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-23 20:44 - 2015-02-03 20:31 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 20:44 - 2015-02-03 20:31 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 18:25 - 2015-01-23 18:25 - 00001013 _____ () C:\Users\Andi\Downloads\6aHWXAJf
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-20 22:09 - 2015-01-14 14:26 - 01747897 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-20 20:58 - 2015-01-13 22:15 - 00000000 ____D () C:\Users\Andi\Documents\Youcam
2015-02-20 20:58 - 2014-08-20 10:06 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2015-02-20 17:31 - 2014-07-09 12:34 - 00766620 _____ () C:\Windows\system32\perfh007.dat
2015-02-20 17:31 - 2014-07-09 12:34 - 00159902 _____ () C:\Windows\system32\perfc007.dat
2015-02-20 17:31 - 2014-03-18 16:26 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 16:51 - 2015-01-13 22:22 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{96030ECB-8FB8-445B-80F5-496E1C075584}
2015-02-20 12:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-18 09:20 - 2015-01-13 22:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1040584371-3716677195-284654461-1001
2015-02-17 20:55 - 2014-08-20 05:56 - 00101058 _____ () C:\Windows\SysWOW64\Gms.log
2015-02-17 20:52 - 2015-01-17 15:41 - 00086072 _____ () C:\Windows\PFRO.log
2015-02-17 20:52 - 2015-01-16 14:01 - 00004623 _____ () C:\Windows\setupact.log
2015-02-17 20:52 - 2015-01-13 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-17 20:52 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 20:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-17 20:13 - 2015-01-13 22:28 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-17 20:13 - 2015-01-13 22:28 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-17 20:09 - 2015-01-13 22:13 - 00002329 _____ () C:\Users\Andi\Desktop\ALDI Süd Blumen Service.lnk
2015-02-17 20:09 - 2015-01-13 22:13 - 00002281 _____ () C:\Users\Andi\Desktop\ALDI Süd Reisen.lnk
2015-02-17 20:09 - 2015-01-13 22:13 - 00002193 _____ () C:\Users\Andi\Desktop\ALDI Talk.lnk
2015-02-17 20:09 - 2015-01-13 22:13 - 00002153 _____ () C:\Users\Andi\Desktop\ALDI Süd Startseite.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002081 _____ () C:\Users\Default\Desktop\ALDI Süd Blumen Service.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002081 _____ () C:\Users\Default User\Desktop\ALDI Süd Blumen Service.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002057 _____ () C:\Users\Default\Desktop\ALDI Süd Reisen.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002057 _____ () C:\Users\Default User\Desktop\ALDI Süd Reisen.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002013 _____ () C:\Users\Default\Desktop\ALDI Talk.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00002013 _____ () C:\Users\Default User\Desktop\ALDI Talk.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00001993 _____ () C:\Users\Default\Desktop\ALDI Süd Startseite.lnk
2015-02-17 17:04 - 2015-01-13 22:13 - 00001993 _____ () C:\Users\Default User\Desktop\ALDI Süd Startseite.lnk
2015-02-17 17:04 - 2014-08-20 07:53 - 00001961 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
2015-02-17 17:04 - 2014-08-20 07:52 - 00001967 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
2015-02-15 21:20 - 2014-04-25 09:12 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-15 21:20 - 2013-08-22 15:44 - 00491720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-15 21:16 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-02-15 21:13 - 2014-07-09 12:36 - 00000000 ____D () C:\Program Files\CyberLink
2015-02-15 16:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-14 18:51 - 2015-01-15 23:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 14:12 - 2014-04-24 17:12 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 23:24 - 2015-01-13 22:13 - 00000000 ____D () C:\Users\Andi
2015-02-12 19:27 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-12 19:14 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-12 00:24 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-12 00:20 - 2015-01-17 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 00:20 - 2015-01-17 15:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 00:13 - 2015-01-13 22:13 - 00000000 ____D () C:\Users\Andi\AppData\Local\VirtualStore
2015-02-02 16:14 - 2015-01-18 17:55 - 00000000 ____D () C:\Users\Andi\AppData\Local\Adobe
2015-01-25 21:35 - 2015-01-13 22:15 - 00000000 ____D () C:\Users\Andi\AppData\Local\CyberLink
2015-01-23 21:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-23 21:16 - 2015-01-19 10:38 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\BRT
2015-01-23 21:16 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-23 20:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-23 20:41 - 2014-03-18 16:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\system32\WCN
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-23 20:41 - 2014-03-18 15:58 - 00000000 ____D () C:\Windows\en-GB
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-23 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-23 20:41 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-23 20:41 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
==================== Files in the root of some directories =======
2015-01-13 23:24 - 2015-01-14 13:24 - 0000064 _____ () C:\Users\Andi\AppData\Roaming\WB.CFG
2014-08-20 07:39 - 2014-08-20 07:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-09 12:41 - 2014-07-09 12:42 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2014-07-09 12:42 - 2014-07-09 12:42 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-07-09 12:38 - 2014-07-09 12:39 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-07-09 12:41 - 2014-07-09 12:41 - 0000111 _____ () C:\ProgramData\{44510C84-AE2A-4079-A75B-D44E68D73B9A}.log
2014-07-09 12:40 - 2014-07-09 12:40 - 0000032 _____ () C:\ProgramData\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}.log
2014-07-09 12:37 - 2014-07-09 12:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-07-09 12:40 - 2014-07-09 12:41 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-07-09 12:37 - 2014-07-09 12:38 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2014-07-09 12:39 - 2014-07-09 12:39 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log
Some content of TEMP:
====================
C:\Users\Andi\AppData\Local\Temp\1C35A9D4-C736-5B1C-AD23-E3A07B57F7EF.dll
C:\Users\Andi\AppData\Local\Temp\1C35A9D4-C736-5B1C-AD23-E3A07B57F7EF.exe
C:\Users\Andi\AppData\Local\Temp\93B8ADA9-4755-E096-0175-EC1BBC79044E.exe
C:\Users\Andi\AppData\Local\Temp\AppLauncher.exe
C:\Users\Andi\AppData\Local\Temp\optprosetup.exe
C:\Users\Andi\AppData\Local\Temp\Quarantine.exe
C:\Users\Andi\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-18 16:02
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Andi at 2015-02-20 22:11:28
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1040584371-3716677195-284654461-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3714 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.10.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.10.26.3 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3871 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MedPlayV3.1 (HKLM-x32\...\MedPlayV3.1) (Version: 1.36.01.22 - PlayersMComp)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1040584371-3716677195-284654461-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0105 - Pegatron Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7318 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1040584371-3716677195-284654461-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
29-01-2015 02:47:19 Windows Update
08-02-2015 13:21:16 Geplanter Prüfpunkt
12-02-2015 19:13:37 Windows Update
15-02-2015 21:06:44 Revo Uninstaller's restore point - CHIP Best Deal
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1154D2C2-E364-4C37-BBAB-026E67DFB79D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1040584371-3716677195-284654461-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {3CFA2605-3644-4A52-A8B4-0D82A76417A0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {4E205356-4008-4EFE-8857-DDEFF3202725} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {5C9944EA-E447-4204-918D-27A756562761} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {652E6E3A-2BC8-417D-9C8A-4F50D409188E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-14] (Microsoft Corporation)
Task: {6DE1B0F0-4A78-4BAD-8E35-0291BF5300D3} - \avaxvyyvyf No Task File <==== ATTENTION
Task: {6E5449D3-7E1E-4C56-9183-D81B2330AD80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {949B7E89-3B24-47FD-95B1-FB45CFA03C82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {AFF5A446-7B90-45EA-AB31-1CB6A9B0969E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C46EBA3E-4D7C-4A8D-8617-1026E718B277} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {D96A0A33-467A-463B-852F-EE1D38E67226} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-01] (Microsoft Corporation)
Task: {F23CFA49-C485-4565-B000-F85A7E5797C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-08-20 10:05 - 2014-03-04 16:58 - 00136192 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2015-02-01 11:06 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-09 12:40 - 2013-03-06 14:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-20 10:05 - 2014-07-11 17:15 - 02222592 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-20 10:05 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2014-08-20 10:05 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2014-08-20 10:05 - 2010-12-17 14:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2014-08-20 10:05 - 2014-02-21 17:19 - 08857088 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2014-08-20 10:05 - 2014-07-08 14:39 - 03006464 _____ () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
2014-08-20 10:05 - 2014-03-18 21:54 - 05644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe
2014-06-24 16:08 - 2014-06-24 16:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-20 10:05 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2014-08-20 10:05 - 2013-09-17 23:23 - 00108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll
2014-07-09 12:39 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-27 03:33 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1040584371-3716677195-284654461-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\MEDION\wallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKU\S-1-5-21-1040584371-3716677195-284654461-1001\...\StartupApproved\Run: => "Super Optimizer"
==================== Accounts: =============================
Administrator (S-1-5-21-1040584371-3716677195-284654461-500 - Administrator - Disabled)
Andi (S-1-5-21-1040584371-3716677195-284654461-1001 - Administrator - Enabled) => C:\Users\Andi
Gast (S-1-5-21-1040584371-3716677195-284654461-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1040584371-3716677195-284654461-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/19/2015 10:32:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1f20
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/19/2015 10:31:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 35.0.1.5500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2f8
Startzeit: 01d04c7119f5df5e
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: b7e5d0db-b87e-11e4-829b-303a64c67d6f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/19/2015 07:51:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (02/19/2015 03:08:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/19/2015 03:05:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/19/2015 01:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x8f0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/19/2015 11:14:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe30
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/19/2015 11:09:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/19/2015 09:13:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/19/2015 09:09:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
System errors:
=============
Error: (02/19/2015 10:15:43 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.30
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/19/2015 09:35:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.30
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/19/2015 08:58:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.30
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/19/2015 07:58:02 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.30
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/19/2015 07:02:28 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.30
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/19/2015 03:05:29 PM) (Source: DCOM) (EventID: 10010) (User: Deister)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/19/2015 03:04:59 PM) (Source: DCOM) (EventID: 10010) (User: Deister)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/19/2015 11:09:53 AM) (Source: DCOM) (EventID: 10010) (User: Deister)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/19/2015 11:09:23 AM) (Source: DCOM) (EventID: 10010) (User: Deister)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/19/2015 10:46:53 AM) (Source: DCOM) (EventID: 10010) (User: Deister)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (02/19/2015 10:32:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014251f2001d04c7b63c80c14C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllbcb2e842-b87e-11e4-829b-303a64c67d6f
Error: (02/19/2015 10:31:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe35.0.1.55002f801d04c7119f5df5e4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exeb7e5d0db-b87e-11e4-829b-303a64c67d6f
Error: (02/19/2015 07:51:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (02/19/2015 03:08:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/19/2015 03:05:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/19/2015 01:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014258f001d04c2d2a61455bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll13d358cb-b837-11e4-829b-303a64c67d6f
Error: (02/19/2015 11:14:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425e3001d04bab93ced952C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0885572a-b820-11e4-829b-303a64c67d6f
Error: (02/19/2015 11:09:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/19/2015 09:13:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/19/2015 09:09:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 3558U @ 1.70GHz
Percentage of memory in use: 59%
Total physical RAM: 4013 MB
Available physical RAM: 1619.83 MB
Total Pagefile: 5037 MB
Available Pagefile: 2214.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:404.05 GB) (Free:366.55 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:45.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 488DA0F9)
Partition: GPT Partition Type.
==================== End Of Log ============================ |