Chrischi83 | 02.03.2015 23:44 | Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 02.03.2015 22:47:30, SYSTEM, CHRISTIAN-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 02.03.2015 22:47:31, SYSTEM, CHRISTIAN-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.25.1,
Update, 02.03.2015 22:48:01, SYSTEM, CHRISTIAN-PC, Manual, Malware Database, 2014.11.20.6, 2015.3.2.6,
Update, 02.03.2015 22:48:36, SYSTEM, CHRISTIAN-PC, Manual, Malware Database, 2015.3.2.6, 2015.3.2.7,
(end) Code:
# AdwCleaner v4.111 - Bericht erstellt 02/03/2015 um 23:20:35
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-02.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (x86)
# Benutzername : Christian Rietz - CHRISTIAN-PC
# Gestarted von : C:\Users\Christian Rietz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8UQQG8I\AdwCleaner_4.111[1].exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : vToolbarUpdater3.2.0
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\Program Files\Dll-Files.com Fixer
Ordner Gelöscht : C:\Program Files\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\dll-files.com
Datei Gelöscht : C:\Users\Public\Desktop\Dll-Files Fixer.lnk
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\invalidprefs.js
Datei Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\user.js
Datei Gelöscht : C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovigo.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
Task Gelöscht : RDReminder
Task Gelöscht : DLL-Files.Com Fixer_Updates
Task Gelöscht : DLL-Files.Com Fixer_MONTHLY
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\dll-files.com
Schlüssel Gelöscht : HKLM\SOFTWARE\dll-files.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dll-Files Fixer_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v7.0.6001.18639
-\\ Mozilla Firefox v35.0.1 (x86 de)
[ltp2kpr9.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
[ltp2kpr9.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"2020Player_IKEA@2020Technologies.com\":{\"d\":\"C:\\\\Users\\\\Christian Rietz\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ltp2kpr9[...]
-\\ Google Chrome v40.0.2214.115
[C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
[C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5450002220030F1A&affID=121565&tsp=4993
[C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP50113B4A-887F-4A93-9ECD-B4026E0E8DE1&q={searchTerms}&SSPV=
*************************
AdwCleaner[R0].txt - [12112 Bytes] - [24/09/2013 22:44:24]
AdwCleaner[R1].txt - [4212 Bytes] - [26/03/2014 19:38:13]
AdwCleaner[R2].txt - [8957 Bytes] - [26/03/2014 19:59:08]
AdwCleaner[R3].txt - [8066 Bytes] - [02/03/2015 23:17:10]
AdwCleaner[S0].txt - [12093 Bytes] - [24/09/2013 22:45:52]
AdwCleaner[S1].txt - [7762 Bytes] - [26/03/2014 19:48:33]
AdwCleaner[S2].txt - [9068 Bytes] - [26/03/2014 20:02:09]
AdwCleaner[S3].txt - [7976 Bytes] - [02/03/2015 23:20:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [8035 Bytes] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Christian Rietz on 02.03.2015 at 23:28:05,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Christian Rietz\AppData\Roaming\mozilla\firefox\profiles\ltp2kpr9.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [Folder] C:\Users\Christian Rietz\AppData\Roaming\mozilla\firefox\profiles\ltp2kpr9.default\extensions\toolbar@gmx.net
Emptied folder: C:\Users\Christian Rietz\AppData\Roaming\mozilla\firefox\profiles\ltp2kpr9.default\minidumps [144 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.03.2015 at 23:36:20,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-03-2015
Ran by Christian Rietz (administrator) on CHRISTIAN-PC on 02-03-2015 23:40:08
Running from C:\Users\Christian Rietz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8T9JQTC
Loaded Profiles: Christian Rietz (Available profiles: Christian Rietz)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(ACD Systems, Ltd.) C:\Program Files\Common Files\ACD Systems\DE\DevDetect.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ieuser.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Farbar) C:\Users\Christian Rietz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8T9JQTC\FRST[1].exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-04] (Synaptics, Inc.)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-02-21] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6294048 2008-09-18] (Realtek Semiconductor)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2008-10-26] (Google)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [Device Detector] => DevDetect.exe -autorun
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-07-11] (RealNetworks, Inc.)
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-11] (Google Inc.)
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: c:\docume~1\ settings\all users\application D즸粖㛉ࠀᖰAA C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2008-10-26] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Christian Rietz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-209139463-1928718786-3223491114-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\searchplugins\search_the_web.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\nppl3260.dll
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-09-01]
FF Extension: Avira Browser Safety - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\abs@avira.com [2015-02-02]
FF Extension: GMX MailCheck - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\toolbar@gmx(75).net [2015-02-28]
FF Extension: DownloadHelper - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: ProxTube - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-28]
FF Extension: Adblock Plus - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-16]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-11]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-09-27]
FF HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\extensions\cliqz@cliqz.com
FF Extension: No Name - C:\Users\Christian Rietz\AppData\Roaming\Mozilla\Firefox\Profiles\ltp2kpr9.default\extensions\toolbar@gmx.net [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-20]
CHR Extension: (RealDownloader) - C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-24]
CHR Extension: (Google Wallet) - C:\Users\Christian Rietz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-07-12] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2008-10-26] (Google) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-28] () [File not signed]
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435016 2015-02-22] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1050440 2010-04-01] (TuneUp Software)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-29] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-02] (Malwarebytes Corporation)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1332576 2008-09-25] (NXP Semiconductors Germany GmbH)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2013-07-12] (Padus, Inc.) [File not signed]
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-16] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-24] (TuneUp Software)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U4 Msetapxe_n; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-02 23:36 - 2015-03-02 23:36 - 00001086 _____ () C:\Users\Christian Rietz\Desktop\JRT.txt
2015-03-02 23:24 - 2015-03-02 23:24 - 00008115 _____ () C:\Users\Christian Rietz\Desktop\AdwCleaner[S3].txt
2015-03-02 23:07 - 2015-03-02 23:07 - 00000484 _____ () C:\Users\Christian Rietz\Desktop\mbam.txt
2015-03-02 22:47 - 2015-03-02 22:47 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-02 22:47 - 2015-03-02 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-02 22:47 - 2015-03-02 22:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-02 22:47 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-02 22:47 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-02 22:47 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-01 19:29 - 2015-03-01 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-03-01 18:18 - 2015-03-01 18:18 - 00000000 ____D () C:\Users\TEMP.Christian-PC\Documents\Eigene Google Gadgets
2015-03-01 18:18 - 2015-03-01 18:18 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\Avg2014
2015-03-01 18:18 - 2015-03-01 18:18 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\AVG Web TuneUp
2015-03-01 18:17 - 2015-03-01 18:17 - 00118304 _____ () C:\Users\TEMP.Christian-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-01 18:17 - 2015-03-01 18:17 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Roaming\Apple Computer
2015-03-01 18:17 - 2015-03-01 18:17 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\Wondershare
2015-03-01 18:16 - 2015-03-01 18:52 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\VirtualStore
2015-03-01 18:16 - 2015-03-01 18:17 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\Google
2015-03-01 18:16 - 2015-03-01 18:16 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Roaming\RealNetworks
2015-03-01 18:16 - 2015-03-01 18:16 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Roaming\Real
2015-03-01 18:15 - 2015-03-01 18:52 - 00000000 ____D () C:\Users\TEMP.Christian-PC
2015-03-01 18:15 - 2013-09-27 19:12 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Local\Microsoft Help
2015-03-01 18:15 - 2013-09-26 20:06 - 00000000 ____D () C:\Users\TEMP.Christian-PC\AppData\Roaming\TuneUp Software
2015-02-27 20:28 - 2015-02-27 20:30 - 00000000 ____D () C:\Users\Christian Rietz\Desktop\Playmo-Zoo
2015-02-26 00:25 - 2015-02-26 00:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox(25)
2015-02-25 23:30 - 2015-02-26 00:45 - 106785426 _____ () C:\Users\Christian Rietz\Desktop\Looking S02E06 - Looking for Gordon Freeman.flv
2015-02-25 23:09 - 2015-02-25 23:09 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Local\Skype
2015-02-25 23:09 - 2015-02-25 23:09 - 00000000 ____D () C:\Program Files\Skype(27)
2015-02-22 17:12 - 2015-02-22 17:12 - 00001869 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk
2015-02-22 17:12 - 2015-02-22 17:12 - 00001857 _____ () C:\Users\Public\Desktop\TuneUp Utilities.lnk
2015-02-22 17:12 - 2015-02-22 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities
2015-02-22 17:12 - 2010-04-01 15:17 - 00030536 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-02-22 17:12 - 2010-04-01 15:11 - 00030024 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2015-02-22 17:12 - 2010-04-01 15:11 - 00021320 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-02-22 17:11 - 2015-02-22 17:12 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2010
2015-02-22 17:10 - 2015-02-22 17:10 - 00000000 __SHD () C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2015-02-22 16:59 - 2015-02-22 16:59 - 00000000 ____D () C:\Users\Christian Rietz\Desktop\1 Tuneup Utilities
2015-02-22 13:37 - 2015-02-22 13:37 - 00000000 ____D () C:\Users\Christian Rietz\Desktop\LOOKING for Season 2
2015-02-09 22:08 - 2015-02-09 22:09 - 00000000 ____D () C:\Program Files\QuickTime
2015-02-09 22:08 - 2015-02-09 22:08 - 00001730 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-09 22:08 - 2015-02-09 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-09 22:01 - 2015-02-09 22:03 - 42096984 _____ (Apple Inc.) C:\Users\Christian Rietz\Downloads\QuickTimeInstaller(1).exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-02 23:40 - 2013-07-16 20:05 - 00000000 ____D () C:\FRST
2015-03-02 23:40 - 2008-10-25 04:29 - 00000438 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2015-03-02 23:35 - 2013-07-11 17:09 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 23:27 - 2013-07-11 14:20 - 01683207 _____ () C:\Windows\WindowsUpdate.log
2015-03-02 23:27 - 2008-10-25 04:12 - 00084921 _____ () C:\ProgramData\nvModes.dat
2015-03-02 23:27 - 2008-10-25 04:12 - 00084921 _____ () C:\ProgramData\nvModes.001
2015-03-02 23:26 - 2014-02-03 20:53 - 00000000 ___RD () C:\Users\Christian Rietz\Dropbox
2015-03-02 23:25 - 2014-02-03 20:49 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\Dropbox
2015-03-02 23:23 - 2013-07-11 17:09 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-02 23:23 - 2013-07-11 14:23 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2015-03-02 23:22 - 2008-01-21 03:47 - 00734022 _____ () C:\Windows\PFRO.log
2015-03-02 23:22 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-02 23:22 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 23:22 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 23:21 - 2006-11-02 14:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-02 23:20 - 2013-09-24 22:44 - 00000000 ____D () C:\AdwCleaner
2015-03-02 22:58 - 2013-10-06 11:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-02 22:48 - 2014-03-26 19:47 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 22:37 - 2013-07-11 14:24 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Local\Google
2015-03-02 17:54 - 2013-09-10 21:42 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-01 20:06 - 2014-04-17 18:10 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-01 20:06 - 2013-09-25 21:57 - 00000000 ____D () C:\ProgramData\Skype
2015-03-01 20:06 - 2013-07-11 17:24 - 00000000 ___RD () C:\Users\Christian Rietz\Documents\Programme
2015-03-01 20:06 - 2013-07-11 17:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-01 20:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2015-03-01 20:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-03-01 18:52 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-03-01 18:50 - 2013-07-11 14:23 - 00000000 ____D () C:\Users\Christian Rietz
2015-03-01 18:50 - 2006-11-02 11:22 - 46661632 _____ () C:\Windows\system32\config\software_previous
2015-03-01 18:50 - 2006-11-02 11:22 - 33554432 _____ () C:\Windows\system32\config\components_previous
2015-03-01 18:50 - 2006-11-02 11:22 - 19660800 _____ () C:\Windows\system32\config\system_previous
2015-03-01 18:50 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-03-01 18:50 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-03-01 18:50 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2015-03-01 18:45 - 2013-09-25 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-01 18:38 - 2015-01-26 20:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-01 18:38 - 2013-09-25 21:57 - 00000000 ___RD () C:\Program Files\Skype
2015-03-01 18:38 - 2013-09-25 21:57 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-02-26 00:25 - 2013-09-25 21:57 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\Skype
2015-02-22 17:10 - 2013-07-11 21:54 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-22 17:02 - 2006-11-02 11:33 - 01418794 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-22 16:16 - 2013-07-11 22:21 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\vlc
2015-02-22 13:20 - 2013-07-11 16:54 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\Adobe
2015-02-22 13:20 - 2008-10-20 05:03 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-19 19:07 - 2014-02-03 20:50 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-09 22:04 - 2013-07-11 21:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-09 22:04 - 2013-07-11 21:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-09 22:04 - 2013-07-11 21:02 - 00000000 ____D () C:\Users\Christian Rietz\AppData\Local\Adobe
2015-02-09 21:21 - 2014-08-14 20:25 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 21:21 - 2013-07-16 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 21:20 - 2013-07-16 20:21 - 00000000 ____D () C:\Program Files\Avira
==================== Files in the root of some directories =======
2014-02-20 21:53 - 2014-02-20 21:53 - 0000268 ___RH () C:\Users\Christian Rietz\AppData\Roaming\StatusSheet
2014-02-20 21:57 - 2014-02-20 21:57 - 0000268 ___RH () C:\Users\Christian Rietz\AppData\Roaming\Stingers
2014-02-20 21:53 - 2014-02-20 21:53 - 0000268 ___RH () C:\Users\Christian Rietz\AppData\Roaming\String Comparison
2014-02-20 21:49 - 2014-02-20 21:49 - 0000268 ___RH () C:\Users\Christian Rietz\AppData\Roaming\System Image Utility
2014-03-26 19:46 - 2014-03-26 19:46 - 0000047 _____ () C:\Users\Christian Rietz\AppData\Roaming\WB.CFG
2013-08-02 19:34 - 2014-11-20 21:45 - 0001356 _____ () C:\Users\Christian Rietz\AppData\Local\d3d9caps.dat
2013-07-28 13:50 - 2015-01-25 21:05 - 0092672 _____ () C:\Users\Christian Rietz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-10-25 04:12 - 2015-03-02 23:27 - 0084921 _____ () C:\ProgramData\nvModes.001
2008-10-25 04:12 - 2015-03-02 23:27 - 0084921 _____ () C:\ProgramData\nvModes.dat
2014-02-20 21:49 - 2014-02-20 21:49 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-02-20 21:57 - 2014-02-20 22:12 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-20 21:53 - 2014-02-20 22:09 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-20 21:53 - 2014-02-20 21:53 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-20 21:53 - 2014-02-20 21:53 - 0000268 ___RH () C:\ProgramData\Strings
2014-02-20 21:57 - 2014-02-20 21:57 - 0000268 ___RH () C:\ProgramData\Super Strings
2014-02-20 21:53 - 2014-02-20 21:53 - 0000268 ___RH () C:\ProgramData\SupportPrinters
Some content of TEMP:
====================
C:\Users\Christian Rietz\AppData\Local\Temp\avgnt.exe
C:\Users\Christian Rietz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqja78w.dll
C:\Users\Christian Rietz\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Christian Rietz\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian Rietz\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Christian Rietz\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-02 23:32
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-03-2015
Ran by Christian Rietz at 2015-03-02 23:41:31
Running from C:\Users\Christian Rietz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8T9JQTC
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.42 (HKLM\...\7-Zip) (Version: - )
ACDSee 9 Foto-Manager (HKLM\...\{7AE25201-3E12-4FA2-9E65-67CD475D9263}) (Version: 9.0.55 - ACD Systems Ltd.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.3614 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira SearchFree Toolbar plus Web Protection (HKLM\...\{41564952-412D-5637-00A7-A758B70C0201}) (Version: 12.2.1.477 - Ask Partner Network)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Graphics Suite 11 (HKLM\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (Version: 11 - Corel Corporation) Hidden
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.00.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version: - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2019 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5203 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2209a - CyberLink Corp.)
CyberLink PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - PowerDVDCorp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0815 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2109 - CyberLink Corp.)
DE (Version: 3.0 - Corel Corporation) Hidden
Dolby Control Center (HKLM\...\{70E8EBD5-78C9-4258-B20A-5098CCA000F0}) (Version: 1.1.0601 - Dolby)
Dropbox (HKU\S-1-5-21-209139463-1928718786-3223491114-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Free YouTube Download version 3.2.48.1015 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.48.1015 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.48.1015 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.48.1015 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
MAGIX Screenshare (HKLM\...\{A7B517E2-07EB-47BA-877B-3F174FB7760B}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{9D5B0618-2EFA-4DAA-9B53-A546992824EA}) (Version: 7.0.2.6 - MAGIX AG)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2601 - CyberLink Corp.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{47948554-90C6-4AAC-8CFA-D23CE11C1031}) (Version: 8.3.124 - Nero AG)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.0 - Nikon)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.5.0 - Nikon)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5704 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samplitude 11 Silver (HKLM\...\MAGIX_MSI_sam11silver) (Version: 11.0.1.0 - MAGIX AG)
Samplitude 11 Silver (Version: 11.0.1.0 - MAGIX AG) Hidden
Samplitude Music Studio 2008 Trial 14.0.2.0 (D) (HKLM\...\Samplitude Music Studio 2008 Trial D) (Version: 14.0.2.0 - MAGIX AG)
Skype™ 6.7 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
StreamTransport version: 1.1.6.1 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.2.0 - Synaptics)
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.4100.12 - TuneUp Software)
TuneUp Utilities (Version: 9.0.4100.12 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.4100.12 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.9.0 - Nikon)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Fotogalerie (HKLM\...\{A1D08B90-AE1A-4885-AC29-731496FD397E}) (Version: 12.0.1347.0718 - Microsoft Corporation)
Windows Live installer (HKLM\...\{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Mail (HKLM\...\{82F2B38B-1426-443D-874C-AC25675E7BEB}) (Version: 12.0.1606.1023 - Microsoft Corporation)
Windows Live Messenger (HKLM\...\{2B091530-69AA-442E-AB09-39ED06B58220}) (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Live Writer (HKLM\...\{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}) (Version: 12.0.1370.0325 - Microsoft Corporation)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-209139463-1928718786-3223491114-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
25-02-2015 23:03:38 Removed Skype™ 6.7
01-03-2015 18:18:56 Wiederherstellungsvorgang
01-03-2015 19:14:16 Wiederherstellungsvorgang
01-03-2015 19:47:21 DLL-Files Fixer So, Mrz 01, 15 19:47
01-03-2015 20:02:59 Wiederherstellungsvorgang
02-03-2015 18:38:46 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2A6345ED-9E31-48E2-AAA9-1B8FE0162021} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-07-11] (RealNetworks, Inc.)
Task: {55EEAAEB-9142-4D42-8386-DC56C99A5F5F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-209139463-1928718786-3223491114-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5C0ECDDC-2000-49E2-903C-6D50008CE73C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {635C392F-D422-40B8-99A5-4F0DD50828BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {76780D4E-1472-4D15-8F1D-33CC50612792} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-209139463-1928718786-3223491114-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {7BAB9B3A-24B1-4B7B-AE0D-22DE6589D5B2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-209139463-1928718786-3223491114-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {932074F6-FEAE-4965-AE0E-62D04A8E95B4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-209139463-1928718786-3223491114-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {AC667962-B3FC-416F-B372-14A3F0B4107B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2010-04-01] (TuneUp Software)
Task: {C5C8E683-4485-4155-982B-47742639C45B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {D3BD0A79-9FEB-4F90-B0F7-2E7DD23CE352} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-209139463-1928718786-3223491114-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F4B5D53B-8440-415B-9719-9419C4D509F1} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-07-11] (RealNetworks, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) ==============
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-06-05 12:20 - 2007-06-05 12:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2013-04-16 02:07 - 2013-04-16 02:07 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-10-22 06:21 - 2008-06-28 01:00 - 00241734 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-01-19 12:03 - 2015-01-19 12:03 - 00245760 _____ () C:\Program Files\Avira\My Avira\System.ComponentModel.Composition.dll
2014-10-20 22:38 - 2014-08-05 09:22 - 01489408 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-10-20 22:38 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-02 23:25 - 2015-03-02 23:25 - 00043008 _____ () c:\Users\Christian Rietz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqja78w.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\Christian Rietz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-209139463-1928718786-3223491114-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\system32\oobe\info\wallpaper1.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-209139463-1928718786-3223491114-500 - Administrator - Disabled)
Christian Rietz (S-1-5-21-209139463-1928718786-3223491114-1000 - Administrator - Enabled) => C:\Users\Christian Rietz
Gast (S-1-5-21-209139463-1928718786-3223491114-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (07/28/2013 02:06:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-03-02 23:41:18.652
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:18.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:18.496
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:18.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:18.075
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:17.997
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:17.904
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:41:17.826
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:40:55.689
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 23:40:55.611
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 60%
Total physical RAM: 2301.44 MB
Available physical RAM: 898.57 MB
Total Pagefile: 4833.9 MB
Available Pagefile: 3111.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.07 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:141.25 GB) (Free:44.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:15.81 GB) (Free:4.4 GB) FAT32
Drive g: (Volume) (Fixed) (Total:141.01 GB) (Free:127.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: DAE4C35C)
Partition 1: (Active) - (Size=141.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.8 GB) - (Type=0C)
==================== End Of Log ============================ |