MBAM-Funde

Hier wird Dir geholfen, Viren, Trojaner und andere unerwünschte Programme von Deinem Rechner zu entfernen.
Benutzeravatar
AlfaMS
Beiträge: 1835
Registriert: So 24. Aug 2014, 15:20
Betriebssystem: LinuxMint 64 & Windows 10 Pro 64 (DualBoot)
Wohnort: Münster

Re: MBAM-Funde

Beitrag von AlfaMS »

..War aber im Avira-Forum gang und gäbe..
Give Peace A Chance
Benutzeravatar
phoenix66
Beiträge: 1140
Registriert: Mi 3. Sep 2014, 19:33
Betriebssystem: Windows 7 Prof (64bit) S ;
Virenscanner: Avast Zen Free
Wohnort: Gera

Re: MBAM-Funde

Beitrag von phoenix66 »

das Problem ist gelöst und die Beate wird alles hier einstellen.

Gruß phoenix66
Win 7 professional(64bit); Linuxmint-19.1 cinnamon (64bit)
Benutzeravatar
beate67
Beiträge: 1199
Registriert: So 24. Aug 2014, 15:16
Wohnort: am wunderschönen Niederrhein

Re: MBAM-Funde

Beitrag von beate67 »

Huhu,

hier also das Log:

http://pastebin.com/s74mTD6C" onclick="window.open(this.href);return false;

Gruß, Beate :)
"Wenn du eine weise Antwort willst, mußt du vernünftig fragen." (Johann Wolfgang von Goethe)
Benutzeravatar
Carlus
Beiträge: 643
Registriert: So 24. Aug 2014, 14:40
Wohnort: Das Tor zur Welt

Re: MBAM-Funde

Beitrag von Carlus »

phoenix66 hat geschrieben:das Problem ist gelöst und die Beate wird alles hier einstellen.

Gruß phoenix66
siehste....

und genau sowas nenne ich umständlich ;)
Gruß Carlus

Die Stimme ist eine menschliche Gabe. Sie sollte geschätzt und benutzt werden.
Kraftlosigkeit und Schweigen gehören zusammen.
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Alter Schwede! :shock: Das hat sich ja gelohnt!

Als naechstes bitte ADWCleaner (http://general-changelog-team.fr/en/tools/15-adwcleaner) herunterladen, Avira deaktivieren, ADW mit Admin-Rechten ausfuehren, Avira aktivieren und das Log hier reinstellen. Erstmal nur das Log hier posten, noch nichts loeschen lassen!
We have bugs the likes of which even God has never seen!
Benutzeravatar
AlfaMS
Beiträge: 1835
Registriert: So 24. Aug 2014, 15:20
Betriebssystem: LinuxMint 64 & Windows 10 Pro 64 (DualBoot)
Wohnort: Münster

Re: MBAM-Funde

Beitrag von AlfaMS »

"Nette" Sammlung von Adware - wie kommt das alles drauf?!
Ja - weiter mit ADWCleaner wie NoG schrieb..
Give Peace A Chance
Benutzeravatar
phoenix66
Beiträge: 1140
Registriert: Mi 3. Sep 2014, 19:33
Betriebssystem: Windows 7 Prof (64bit) S ;
Virenscanner: Avast Zen Free
Wohnort: Gera

Re: MBAM-Funde

Beitrag von phoenix66 »

dann wollen wir mal sehen, ob das Einfügen klappt?
# AdwCleaner v3.311 - Bericht erstellt am 07/10/2014 um 21:09:32
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : MB PRIVAT - MBPRIVAT-HP
# Gestartet von : C:\Users\MB PRIVAT\Documents\adwcleaner_3.311.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search
Ordner Gefunden : C:\Program Files (x86)\BrowserCompanion
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\NewSAVer
Ordner Gefunden : C:\Program Files (x86)\NewSaVer
Ordner Gefunden : C:\Program Files (x86)\Optimizer Pro
Ordner Gefunden : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gefunden : C:\Program Files\DomaIQ Uninstaller
Ordner Gefunden : C:\ProgramData\50aCoupoons
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\BetterSoft
Ordner Gefunden : C:\ProgramData\clsoft ltd
Ordner Gefunden : C:\ProgramData\NewSAVer
Ordner Gefunden : C:\ProgramData\NewSaVer
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\SearchProtect
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Local\Conduit
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Local\PackageAware
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\MB PRIVAT\AppData\Roaming\Systweak
Ordner Gefunden : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect

***** [ Tasks ] *****

Task Gefunden : Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\5d57d7dbe76fed40
Schlüssel Gefunden : HKCU\Software\Alexa Internet
Schlüssel Gefunden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\BI
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\distromatic
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C7576B9D-B442-46BC-AF74-080A9E723E01}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Alexa Internet
Schlüssel Gefunden : [x64] HKCU\Software\Ask.com
Schlüssel Gefunden : [x64] HKCU\Software\BI
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\distromatic
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C7576B9D-B442-46BC-AF74-080A9E723E01}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : [x64] HKCU\Software\SmartBar
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gefunden : HKLM\SOFTWARE\5d57d7dbe76fed40
Schlüssel Gefunden : HKLM\SOFTWARE\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT1703539
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2325506
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2998365
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Default Tab
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ask-com-toolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ask-com-toolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sweetpacks Bundle Uninstaller
Schlüssel Gefunden : HKLM\SOFTWARE\SP Global
Schlüssel Gefunden : HKLM\SOFTWARE\SProtector
Schlüssel Gefunden : HKLM\SOFTWARE\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Web Assistant
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Web Assistant

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Google Chrome v37.0.2062.124

[ Datei : C:\Users\MB PRIVAT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17841 octets] - [07/10/2014 21:09:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [17902 octets] ##########

Gruß phoenix66
Win 7 professional(64bit); Linuxmint-19.1 cinnamon (64bit)
Benutzeravatar
beate67
Beiträge: 1199
Registriert: So 24. Aug 2014, 15:16
Wohnort: am wunderschönen Niederrhein

Re: MBAM-Funde

Beitrag von beate67 »

ui, ui, ui, Du gehörst aber auch zu den großen Sammlern :D

Hier würde ich auf jeden Fall zusätzlich FRST und JRT empfehlen ;)

Gruß, Beate :)
"Wenn du eine weise Antwort willst, mußt du vernünftig fragen." (Johann Wolfgang von Goethe)
Benutzeravatar
doj
Beiträge: 144
Registriert: So 24. Aug 2014, 19:00

Re: MBAM-Funde

Beitrag von doj »

Und kannst du was hierzu sagen?

Spyware.Zbot.VXGen, C:\Users\MB PRIVAT\Documents\iResizer.zip, In Quarantäne, [e6fbfe1355276dc9cf89ab10f70a47b9],
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Ich sag mal so - bis auf weiteres ist das ein Hinweis, aber immerhin ist der Fund nur innerhalb eines ZIP-Archivs.
We have bugs the likes of which even God has never seen!
Benutzeravatar
doj
Beiträge: 144
Registriert: So 24. Aug 2014, 19:00

Re: MBAM-Funde

Beitrag von doj »

Sorry meine Frage richtete sich an phoenix66.
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Ok.

Und bei der Gelegenheit ;) : von ADW alle Funde loeschen lassen und dann bitte mit FRST weiter:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit oder 64 !
es wird nur die passende laufen

download:

http://www.bleepingcomputer.com/downloa ... scan-tool/

Starte jetzt FRST per Mouse-rechtsklick als Administrator.
Ändere ungefragt keine der Checkboxen und klicke auf Scan - ausser, Du hast FRST bereits zuvor eingesetzt, dann achte darauf, dass der Haken bei Addition.txt gesetzt ist.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Es werden nun 2 Dateien erstellt und zwar im Ordner in dem Frst.exe gestartet wurde :
1 - frst.txt
2- addition.txt
Die Dateien / logs bitte nicht ins Forum posten ( sie sind zu lang ) sondern zu
http://www.pastebin.com hochladen (eine Registrierung dort ist nicht notwendig)
klicke auf "submit" und poste uns die URL des uploads ( die oben angezeigte )
{Danke an Beate!}
We have bugs the likes of which even God has never seen!
Benutzeravatar
phoenix66
Beiträge: 1140
Registriert: Mi 3. Sep 2014, 19:33
Betriebssystem: Windows 7 Prof (64bit) S ;
Virenscanner: Avast Zen Free
Wohnort: Gera

Re: MBAM-Funde

Beitrag von phoenix66 »

doj hat geschrieben:Sorry meine Frage richtete sich an phoenix66.
..und hier antwortet auch der phoenix66.
ich weiß nicht, was ich davon halten soll? Ich werde mal die Funde löschen. Vielleicht läufts dann besser, obwohl mein Pc keine Probleme macht. Die Dateien sind wegen dem Zeigen noch in Quarantäne bzw., noch nicht gelöscht.

Gruß phoenix66
Win 7 professional(64bit); Linuxmint-19.1 cinnamon (64bit)
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Bitte FRST nicht vergessen.
We have bugs the likes of which even God has never seen!
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Phoenix - ernsthaft - wir sind hier noch nicht durch!
We have bugs the likes of which even God has never seen!
Benutzeravatar
phoenix66
Beiträge: 1140
Registriert: Mi 3. Sep 2014, 19:33
Betriebssystem: Windows 7 Prof (64bit) S ;
Virenscanner: Avast Zen Free
Wohnort: Gera

Re: MBAM-Funde

Beitrag von phoenix66 »

ich lasse es gut sein, da die Funde von MBAM gelöscht habe. Erfahrungsgemäß "finden" Sicherheitsprogramme und Scanner nicht nur Viren und sonstige schädlinge, sondern löschen auch gleich benötigte Systemdateien, wie mir mit McAffee passiert ist.
FRST habe ich schon länger und mal durchlaufen lassen.

Gruß phoenix66, der vorsichtig geworden ist.
Win 7 professional(64bit); Linuxmint-19.1 cinnamon (64bit)
NoG
Moderator
Beiträge: 7383
Registriert: So 24. Aug 2014, 15:02
Betriebssystem: Windows 8.1
Virenscanner: GData
Wohnort: Pinneberg

Re: MBAM-Funde

Beitrag von NoG »

Am Ende ist es Deine Entscheidung, aber Dir ist die Funktionsweise von FRST bekannt?
We have bugs the likes of which even God has never seen!
Benutzeravatar
Carlus
Beiträge: 643
Registriert: So 24. Aug 2014, 14:40
Wohnort: Das Tor zur Welt

Re: MBAM-Funde

Beitrag von Carlus »

phoenix66 hat geschrieben:... sondern löschen auch gleich benötigte Systemdateien, ....
FRST habe ich schon länger und mal durchlaufen lassen.

Gruß phoenix66, der vorsichtig geworden ist.
genau deswegen sollte man ja immer erst das log "vorzeigen" und danach nur nach anleitung vorgehen.

*nur mal so als einwurf*
Gruß Carlus

Die Stimme ist eine menschliche Gabe. Sie sollte geschätzt und benutzt werden.
Kraftlosigkeit und Schweigen gehören zusammen.
Benutzeravatar
phoenix66
Beiträge: 1140
Registriert: Mi 3. Sep 2014, 19:33
Betriebssystem: Windows 7 Prof (64bit) S ;
Virenscanner: Avast Zen Free
Wohnort: Gera

Re: MBAM-Funde

Beitrag von phoenix66 »

hier ist das Logfile:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by MB PRIVAT at 2014-10-08 09:15:25
Running from C:\Users\MB PRIVAT\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{ED51A23A-7BC5-3243-2C0B-D2841B5145B8}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
BenVista PhotoZoom Express 4.0.2 (HKLM-x32\...\PhotoZoom Express 4) (Version: 4.0.2 - BenVista Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0110.3.43158 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0110.3.43158 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0110.3.43158 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.0110.3.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0110.0002.43158 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0110.3.43158 - Advanced Micro Devices, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HydraVision (x32 Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
IsoBuster 1.9.1 (HKLM-x32\...\IsoBuster_is1) (Version: 1.9.1 - Smart Projects)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025F0}) (Version: 7.0.250 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
SaveByClick (HKLM\...\{23205CB9-14EA-4CAC-AE47-5CC8F8C37E4F}) (Version: 1.0 - SaveByClick) <==== ATTENTION
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.0.7 - Shark007)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 2.24 (HKLM-x32\...\XnView_is1) (Version: 2.24 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-09-2014 06:52:49 Windows Update
28-09-2014 17:23:47 Windows-Sicherung
01-10-2014 07:46:03 Windows Update
05-10-2014 17:00:06 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1221DBAF-55C2-4785-A6D3-1711D5DA7476} - System32\Tasks\HPCeeScheduleForMB PRIVAT => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {18B9030D-B17B-46AE-9591-911387BC0A30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)
Task: {33A2F224-9316-4AE1-9E7D-513F1D5A4480} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3E4FC70D-9C78-47FD-BD45-C960959EFD5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {3F81A1DB-0B9B-4AFC-98C9-1569881E59D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {62F91CF2-405A-4A68-8898-E447F56384A9} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {87913B6C-03DB-4E4B-9365-833921BB20B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {96BBA62D-C3C5-436C-9163-52E2196E8282} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A3FEA79C-312C-4550-B840-0591E7567AC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {A4261E6A-5A00-4468-91B5-8599269EFBDC} - System32\Tasks\{4800C9E1-FBE9-4D85-9007-D5B2694634C0} => C:\ProgramData\BetterSoft\SaveByClick\SaveByClick.exe <==== ATTENTION
Task: {A7079066-5A5E-467D-B676-831FB56B038A} - System32\Tasks\HPCeeScheduleForMBPRIVAT-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {B2639F78-FB83-481F-A035-0345E9B96CD5} - System32\Tasks\Opera scheduled Autoupdate 1401196384 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {B2F0954D-B453-4162-8068-FD8440E92D9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {D811AB69-8E6C-4DFD-AEDC-3CC71F3B7432} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)
Task: {E50CEA0D-06F9-4C14-9052-A3E1480BB5EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EA2B71BC-428E-402F-9B82-8491D5E70EED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMB PRIVAT.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMBPRIVAT-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\{4800C9E1-FBE9-4D85-9007-D5B2694634C0}.job => C:\ProgramData\BetterSoft\SaveByClick\SaveByClick.exe

==================== Loaded Modules (whitelisted) =============

2013-02-25 22:08 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-01-09 11:53 - 2011-02-28 09:39 - 00211456 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2012-07-30 13:54 - 2012-07-30 13:54 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2012-07-30 13:54 - 2012-07-30 13:54 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3517970994-3013668129-2067591027-500 - Administrator - Disabled)
Gast (S-1-5-21-3517970994-3013668129-2067591027-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3517970994-3013668129-2067591027-1002 - Limited - Enabled)
MB PRIVAT (S-1-5-21-3517970994-3013668129-2067591027-1001 - Administrator - Enabled) => C:\Users\MB PRIVAT

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2014 09:13:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 08:20:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 09:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 07:32:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 00:06:25 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (10/07/2014 10:46:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 09:59:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 08:32:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 07:12:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 04:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (10/08/2014 09:14:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/08/2014 08:20:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/07/2014 09:05:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/07/2014 07:32:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/07/2014 01:57:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (10/07/2014 10:50:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/07/2014 10:47:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/07/2014 09:59:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/07/2014 08:34:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (10/06/2014 07:13:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126


Microsoft Office Sessions:
=========================
Error: (10/08/2014 09:13:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 08:20:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 09:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 07:32:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 00:06:25 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/07/2014 10:46:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 09:59:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 08:32:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 07:12:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 04:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 48%
Total physical RAM: 4095.24 MB
Available physical RAM: 2092.3 MB
Total Pagefile: 8188.66 MB
Available Pagefile: 6251.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.35 GB) (Free:839.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.06 GB) (Free:11.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1752E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Gruß phoenix66
Win 7 professional(64bit); Linuxmint-19.1 cinnamon (64bit)
Benutzeravatar
beate67
Beiträge: 1199
Registriert: So 24. Aug 2014, 15:16
Wohnort: am wunderschönen Niederrhein

Re: MBAM-Funde

Beitrag von beate67 »

Hallo Phoenix66,

wenn Du uns jetzt noch das Log frst.txt nachlieferst - Du findest es hier: C:\Users\MB PRIVAT\Documents - dann können wir weitermachen

Gruß, Beate :)
"Wenn du eine weise Antwort willst, mußt du vernünftig fragen." (Johann Wolfgang von Goethe)
Antworten