![]() |
|
Log-Analyse und Auswertung: Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert Hallo liebes Trojaner-Board Team, Seit heute hat mein Freund ein Problem mit seinem PC (Windows 8) und kann daher nicht mehr auf das Internet zugreifen. Jedes Mal, wenn er einen Browser öffnet, erscheint ihm die Fehlermeldung "Fehler: Proxy-Server verweigert die Verbindung" (getestet wurden IE und Firefox). Wir haben die Interneteinstellungen wie in eurem Thread "Probleme mit der Internetverbindung" beschrieben geändert; öffnete man den Browser danach, konnte man kurzzeitig auf eine Website zugreifen - als wir bei den Interneteinstellungen nachgesehen haben, stellten wir fest, dass jene wieder auf die vorherigen Einstellungen zurückgesetzt worden waren (einen Proxy-Server über unseren Localhost). Ich weiß nicht, ob das etwas zur Sache tut, aber vor einigen Tagen hatten wir die DNS auf die Google DNS geändert - selbst das haben wir in Folge der Fehlersuche heute wieder rückgängig gemacht, leider natürlich ohne Erfolg. Avast hat leider nichts gefunden. Gescannt haben wir den PC nun mit defogger und FRST, GMER verweigerte bei uns leider den Dienst und teilte mit, dass es nicht auf WINDOWS/system32/config/system zugreifen könne, da jene Datei von einem anderen Prozess verwendet wird. Zum Glück kann er merkwürdigerweise noch auf Skype zugreifen, wodurch er mir die Logs schicken konnte. Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 21:45 on 13/01/2015 (Stefan) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02 Ran by Stefan (administrator) on STEFAN on 13-01-2015 21:45:38 Running from C:\Users\Stefan\Desktop Loaded Profile: Stefan (Available profiles: Stefan) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Spotify Ltd) C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c)) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\WINDOWS\INF\netrasa.inf,Ndis-Mp-AsyncMac HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Spotify Web Helper] => C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-15] (Spotify Ltd) HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation) HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [MKLOL] => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Stefan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-07-25] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49184;https=127.0.0.1:49184 ProxyEnable: [S-1-5-21-3178606706-2046197939-3586449545-1001] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-3178606706-2046197939-3586449545-1001] => http=127.0.0.1:49184;https=127.0.0.1:49184 HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = SearchScopes: HKU\.DEFAULT -> {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = SearchScopes: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001 -> DefaultScope {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = SearchScopes: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001 -> {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BonanzaDeals -> {fe063412-bea4-4d76-8ed3-183be6220d17} -> C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: https://www.youtube.com/playlist?list=FLC09PSAMZ4Gvv80uEJ9ftwQ&feature=mh_lolz FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF NetworkProxy: "type", 5 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF Plugin HKU\S-1-5-21-3178606706-2046197939-3586449545-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: Google search link fix - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2014-12-04] FF Extension: Adblock Plus - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-07] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31] FF HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi Chrome: ======= CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07] CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07] CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07] CHR Extension: (Google-Suche) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07] CHR Extension: (avast! Online Security) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-07] CHR Extension: (Google Wallet) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07] CHR Extension: (Google Mail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07] CHR HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 0266061391181945mcinstcleanup; C:\Users\Stefan\AppData\Local\Temp\026606~1.EXE [834664 2013-07-30] (McAfee, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software) S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-07] (BonanzaDeals) S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-07] (BonanzaDeals) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-11-01] (WildTangent) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed] R2 Internet Enhancer Service; C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2014-12-19] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.) S2 CGVPNCliService; "C:\Program Files\CyberGhost 5\Service.exe" [X] S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] () R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2013-03-06] (Intel Corporation) R3 LADF_DHP2; C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech) R3 LADF_SBVM; C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S3 wacomvhid; \SystemRoot\System32\drivers\wacomvhid.sys [X] U3 kgldypob; \??\C:\Users\Stefan\AppData\Local\Temp\kgldypob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-13 21:45 - 2015-01-13 21:45 - 00020605 _____ () C:\Users\Stefan\Desktop\FRST.txt 2015-01-13 21:45 - 2015-01-13 21:45 - 00000474 _____ () C:\Users\Stefan\Desktop\defogger_disable.log 2015-01-13 21:44 - 2015-01-13 21:41 - 02124288 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe 2015-01-13 21:44 - 2015-01-13 21:41 - 00380416 _____ () C:\Users\Stefan\Desktop\snukj2jn.exe 2015-01-13 21:44 - 2015-01-13 21:41 - 00050477 _____ () C:\Users\Stefan\Desktop\Defogger.exe 2015-01-13 21:43 - 2015-01-13 21:43 - 00000000 _____ () C:\Users\Stefan\defogger_reenable 2015-01-13 21:41 - 2015-01-13 21:45 - 00000000 ____D () C:\FRST 2014-12-31 00:05 - 2014-12-31 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhance 2014-12-31 00:05 - 2014-12-31 00:05 - 00000000 ____D () C:\Program Files (x86)\WInterEnhance ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-13 21:44 - 2013-11-02 01:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Skype 2015-01-13 21:43 - 2013-10-24 03:29 - 00000000 ____D () C:\Users\Stefan 2015-01-13 21:42 - 2013-12-12 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-13 21:34 - 2013-12-09 13:10 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B05073-D180-4E35-9E63-286D24EA8470} 2015-01-13 21:32 - 2013-10-07 18:27 - 00000940 _____ () C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2015-01-13 21:29 - 2014-08-07 12:09 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-13 21:26 - 2014-01-31 16:29 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-01-13 21:08 - 2013-10-07 18:25 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178606706-2046197939-3586449545-1001 2015-01-13 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-13 20:30 - 2014-08-07 12:09 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-13 20:19 - 2013-10-24 03:24 - 01441029 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-13 20:17 - 2014-07-01 19:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Steganos 2015-01-13 20:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing 2015-01-13 19:56 - 2013-10-24 04:23 - 00000000 __RDO () C:\Users\Stefan\SkyDrive 2015-01-13 19:52 - 2013-10-07 18:27 - 00000936 _____ () C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2015-01-13 19:51 - 2013-10-24 03:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-13 19:51 - 2013-09-29 20:04 - 00183624 _____ () C:\WINDOWS\PFRO.log 2015-01-13 19:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-13 19:51 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-13 19:42 - 2013-12-12 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-01-13 19:27 - 2013-10-07 18:27 - 00000000 ____D () C:\Program Files (x86)\BonanzaDeals 2015-01-12 22:44 - 2013-10-07 18:32 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client 2015-01-12 20:59 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Spotify 2015-01-12 20:59 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Spotify 2015-01-11 18:47 - 2014-03-24 20:51 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Battle.net 2015-01-10 16:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-31 16:22 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-31 16:22 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-31 16:22 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-31 16:17 - 2014-09-19 15:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-31 16:17 - 2013-12-09 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-31 16:17 - 2013-10-07 18:27 - 00000000 ____D () C:\Program Files (x86)\Wajam 2014-12-30 17:59 - 2014-05-09 23:02 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1 2014-12-30 12:11 - 2013-11-02 00:56 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-29 20:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-12-29 12:02 - 2014-09-28 11:30 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-29 12:02 - 2013-11-02 01:22 - 00000000 ____D () C:\ProgramData\Skype 2014-12-19 15:50 - 2014-08-27 22:20 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Adobe 2014-12-18 21:58 - 2014-07-13 13:48 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\OBS Some content of TEMP: ==================== C:\Users\Stefan\AppData\Local\Temp\0266061391181945mcinst.exe C:\Users\Stefan\AppData\Local\Temp\bdfilters.dll C:\Users\Stefan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpahadvq.dll C:\Users\Stefan\AppData\Local\Temp\FileSystemView.dll C:\Users\Stefan\AppData\Local\Temp\install_flashplayer11x32au_mssa_aaa_aih.exe C:\Users\Stefan\AppData\Local\Temp\JavaRa.exe C:\Users\Stefan\AppData\Local\Temp\jli.dll C:\Users\Stefan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u67-windows-i586.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\keytool.exe C:\Users\Stefan\AppData\Local\Temp\msvcr100.dll C:\Users\Stefan\AppData\Local\Temp\NGMDll.dll C:\Users\Stefan\AppData\Local\Temp\NGMResource.dll C:\Users\Stefan\AppData\Local\Temp\NGMSetup.exe C:\Users\Stefan\AppData\Local\Temp\node.exe C:\Users\Stefan\AppData\Local\Temp\Player_Setup[1].exe C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe C:\Users\Stefan\AppData\Local\Temp\sqlite3.exe C:\Users\Stefan\AppData\Local\Temp\unicows.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-13 21:08 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02 Ran by Stefan at 2015-01-13 21:46:10 Running from C:\Users\Stefan\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated) AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated) Adblock Plus für Firefox Packages (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Adblock Plus für Firefox Packages) (Version: - ) <==== ATTENTION Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Akamai NetSession Interface (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) BitTorrent (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.) Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated) CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.) Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dropbox (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment) Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team) eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Acer Incorporated) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Network Connections 17.2.153.0 (HKLM\...\PROSetDX) (Version: 17.2.153.0 - Intel) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated) Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com) Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.3 - Smith Micro) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MKLOL (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\MKLOL) (Version: - ) Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG) NVIDIA 3D Vision Controller-Treiber 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.29 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Our Cruise Photos Digital Version 0.9.27 (HKLM-x32\...\{7460981E-FCC2-480B-ACB0-C75AE6201B7B}_is1) (Version: 0.9.27 - The Image Group) Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Update_for_BonanzaDeals (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Bonanza) (Version: - Update_for_BonanzaDeals) <==== ATTENTION Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - ) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.) Wajam (HKLM-x32\...\WInterEnhance) (Version: 2.21.2.24 (i2.6) - WInterEnhance) <==== ATTENTION WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.25 - WildTangent) Hidden WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 15-12-2014 16:53:58 Geplanter Prüfpunkt 31-12-2014 17:20:44 Geplanter Prüfpunkt 09-01-2015 15:20:23 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0C2132B1-4900-4FC0-9FAE-223145816D29} - System32\Tasks\{DB260CF8-66B3-47DD-A3E5-3BD4F86C5504} => pcalua.exe -a F:\Bin\demo32.exe -d F:\Bin Task: {0CC80265-5C5A-425C-B09A-32015231228F} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION Task: {0EE0B897-7F04-4971-B929-F296E2425D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {12851282-83FF-444A-BB6A-FC0C3DE4574F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] () Task: {3C5EF33C-D7C1-4226-92C7-5668E8725425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.) Task: {4145606B-AE45-4C5D-ACBB-6C55CBBC3D07} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {53B47870-0B8B-4633-93EF-104A36281B1A} - System32\Tasks\{FB8F1885-F14A-4EF7-A750-52B7D19703C0} => pcalua.exe -a F:\install.exe -d F:\ Task: {5D5D5540-D375-4CF3-8CC4-E8171762F055} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.) Task: {63700C6F-EA33-4393-8289-B482449CE6A5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink) Task: {857BA6AC-AD95-4836-B94E-F9A97AED65A0} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-07] (BonanzaDeals) <==== ATTENTION Task: {A2AFB03A-03AF-4D6B-B891-F193D39D73D0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software) Task: {AA81E09B-8B5E-484D-9D5A-C9722C1B8944} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] () Task: {B6120A0C-913C-411F-B649-32B3EFBB0AF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated) Task: {B7F5DC09-3710-4047-A319-59A31A63A266} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated) Task: {BF735078-434B-46F2-9466-6DB8119E63B1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated) Task: {E4813DB8-8F9A-4576-972A-6DEC66CFA0B5} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {ED7ABA4E-2266-48F6-BB4C-067408FC034F} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-07] (BonanzaDeals) <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-19 17:56 - 2014-12-19 17:56 - 00312320 _____ () C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe 2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2014-01-25 15:01 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2014-08-06 14:23 - 2014-08-06 14:23 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2015-01-13 19:01 - 2015-01-13 19:01 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011302\algo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-06 14:24 - 2014-08-06 14:24 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-12-06 07:42 - 2012-07-18 04:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Stefan\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKLM\...\StartupApproved\Run32: => "Norton Online Backup" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "OKAYFREEDOM_Agent" HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "CyberGhost" ========================= Accounts: ========================== Administrator (S-1-5-21-3178606706-2046197939-3586449545-500 - Administrator - Disabled) Gast (S-1-5-21-3178606706-2046197939-3586449545-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3178606706-2046197939-3586449545-1006 - Limited - Enabled) Stefan (S-1-5-21-3178606706-2046197939-3586449545-1001 - Administrator - Enabled) => C:\Users\Stefan UpdatusUser (S-1-5-21-3178606706-2046197939-3586449545-1004 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/13/2015 09:29:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 09:09:15 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (01/13/2015 08:29:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi Error: (01/13/2015 08:10:14 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={B948ACD8-67FD-4BE2-B77A-AD641ECCAE98}: Der Benutzer "SYSTEM" hat eine Verbindung mit dem Namen "Stefanohl" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651. Error: (01/13/2015 08:09:52 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={390F6FFE-2E5A-4F72-98CA-E4CADD8A79C5}: Der Benutzer "SYSTEM" hat eine Verbindung mit dem Namen "Stefanohl" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0. System errors: ============= Error: (01/13/2015 08:17:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/13/2015 07:52:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "McAfee Application Installer Cleanup (0266061391181945)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/13/2015 07:51:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/13/2015 07:51:05 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (01/13/2015 07:51:05 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (01/13/2015 07:41:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/13/2015 07:41:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/13/2015 07:37:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/13/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (01/13/2015 07:24:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "McAfee Application Installer Cleanup (0266061391181945)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= Error: (01/13/2015 09:29:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL) Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4 Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4 Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4 Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4 Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4 Error: (01/13/2015 09:09:15 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4 Error: (01/13/2015 08:29:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL) Error: (01/13/2015 08:10:14 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: {B948ACD8-67FD-4BE2-B77A-AD641ECCAE98}SYSTEMStefanohl651 Error: (01/13/2015 08:09:52 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: {390F6FFE-2E5A-4F72-98CA-E4CADD8A79C5}SYSTEMStefanohl0 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 19% Total physical RAM: 8134.06 MB Available physical RAM: 6536.91 MB Total Pagefile: 11078.06 MB Available Pagefile: 9223.34 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:452.75 GB) (Free:267.85 GB) NTFS Drive d: (DATA) (Fixed) (Total:453.61 GB) (Free:452.58 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9F87AAB2) Partition: GPT Partition Type. ==================== End Of Log ============================ Vielen Dank für eure Hilfe! |
Themen zu Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert |
automatisch, autostart, browser, code, cyberghost, datei, dienst, dllhost.exe, dns, einstellungen, fehlermeldung, firefox, folge, gen, gmer, google, install.exe, internet, internetverbindung, localhost, nicht mehr, nichts, problem, probleme, proxy-server, prozess, tablet, verbindung, windows, öffnet |