| |
| |||||||
Log-Analyse und Auswertung: WIN7: Google Suchergebnisse auf Chrome manipuliertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.02.2015, 16:43
| #1 |
| |  WIN7: Google Suchergebnisse auf Chrome manipuliert Liebes Forum-Team, Ich habe Posts anderer User bereits gelesen und finde es toll wie ihr das macht. Leider habe ich ein sehr hartnäckiges Problem. Die Google Ergebnisse im Chrome-Browser sind manipuliert u.A. mit Werbung. Im Anhang ein Screenshot. Meine Recherche hat gezeigt, dass eine Einstellung in den LAN Einstellungen des IE das Problem löst (siehe Screenshot2). Jedoch nach einem Neustart existiert das Problem wieder. Die Google Suche für den Begriff Test lautet dann Code:
ATTFilter https://www.google.at/search?q=test&oq=test&aqs=chrome.0.69i59j0l5.791j0j7&sourceid=chrome&es_sm=93&ie=UTF-8#gsc.tab=0&gsc.q=test&gsc.page=1
Hier die Logfiles: Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:11 on 21/02/2015 (Design6.at)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Design6.at (administrator) on DESIGN6AT-PC on 21-02-2015 16:14:03
Running from C:\Users\Design6.at\Downloads
Loaded Profiles: Design6.at (Available profiles: Design6.at)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InstallShield®) C:\Program Files (x86)\InstallShield\isupdate.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ZOOM\MSSQL\Binn\sqlservr.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Greenshot) D:\Program Files\Greenshot\Greenshot.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Akamai Technologies, Inc.) C:\Users\Design6.at\AppData\Local\Akamai\netsession_win.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Design6.at\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(AVG Technologies CZ, s.r.o.) D:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\tv_x64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-19] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => D:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-07-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-07-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => D:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-28] ( (Atheros Communications))
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Design6.at\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\Run: [GoogleChromeAutoLaunch_4CF9F9D6DF13FA6B77791F18F624F736] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\MountPoints2: {f5aa6b4a-98d5-11e4-be35-806e6f6e6963} - E:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
Startup: C:\Users\Design6.at\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080;
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> D:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\Design6.at\AppData\Roaming\Mozilla\Firefox\Profiles\mv25ave8.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Design6.at\AppData\Roaming\Mozilla\Firefox\Profiles\mv25ave8.default\Extensions\abs@avira.com [2015-02-21]
FF Extension: PCCpnApp - C:\Users\Design6.at\AppData\Roaming\Mozilla\Firefox\Profiles\mv25ave8.default\Extensions\BGD@UNj.net [2015-02-21]
FF Extension: UUniDealSi - C:\Users\Design6.at\AppData\Roaming\Mozilla\Firefox\Profiles\mv25ave8.default\Extensions\ERgPK@o.com [2015-02-21]
FF Extension: FireFTP - C:\Users\Design6.at\AppData\Roaming\Mozilla\Firefox\Profiles\mv25ave8.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-01-12]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - D:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - D:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2015-01-14]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Google Docs) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Google Drive) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-21]
CHR Extension: (YouTube) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-21]
CHR Extension: (Google Search) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-21]
CHR Extension: (Google Sheets) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (Google Wallet) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-21]
CHR Extension: (Gmail) - C:\Users\Design6.at\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-28] (Windows (R) Win 7 DDK provider)
R2 avgfws; D:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; D:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-07-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-26] (Intel Corporation)
R2 isupdate.exe; C:\Program Files (x86)\InstallShield\isupdate.exe [43008 2015-01-21] (InstallShield®) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-02-20] () [File not signed]
R2 MSSQL$ZOOM; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ZOOM\MSSQL\Binn\sqlservr.exe [160768 2012-10-20] (Microsoft Corporation)
S4 SQLAgent$ZOOM; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ZOOM\MSSQL\Binn\SQLAGENT.EXE [448512 2012-10-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-28] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-06-28] (Qualcomm Atheros)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2013-08-20] (Sunplus)
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 16:14 - 2015-02-21 16:14 - 00026186 _____ () C:\Users\Design6.at\Downloads\FRST.txt
2015-02-21 16:13 - 2015-02-21 16:14 - 00000000 ____D () C:\FRST
2015-02-21 16:13 - 2015-02-21 16:13 - 02086912 _____ (Farbar) C:\Users\Design6.at\Downloads\FRST64.exe
2015-02-21 16:11 - 2015-02-21 16:11 - 00000482 _____ () C:\Users\Design6.at\Downloads\defogger_disable.log
2015-02-21 16:11 - 2015-02-21 16:11 - 00000000 _____ () C:\Users\Design6.at\defogger_reenable
2015-02-21 16:10 - 2015-02-21 16:10 - 00050477 _____ () C:\Users\Design6.at\Downloads\Defogger.exe
2015-02-21 15:52 - 2015-02-21 15:52 - 00178950 _____ () C:\Users\Design6.at\Downloads\OTL.Txt
2015-02-21 15:52 - 2015-02-21 15:52 - 00063678 _____ () C:\Users\Design6.at\Downloads\Extras.Txt
2015-02-21 15:45 - 2015-02-21 15:45 - 00602112 _____ (OldTimer Tools) C:\Users\Design6.at\Downloads\OTL.exe
2015-02-21 15:30 - 2015-02-21 15:30 - 00000000 ____D () C:\Windows\pss
2015-02-21 14:38 - 2015-02-21 14:38 - 00001421 _____ () C:\Users\Design6.at\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-02-21 13:33 - 2015-02-21 13:33 - 39739064 _____ (Microsoft Corporation) C:\Users\Design6.at\Downloads\Windows-KB890830-x64-V5.21.exe
2015-02-21 12:42 - 2015-02-21 12:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-21 12:41 - 2015-02-21 12:41 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Avira
2015-02-21 12:40 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-21 12:40 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-21 12:40 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-21 12:38 - 2015-02-21 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-21 12:38 - 2015-02-21 12:39 - 00000000 ____D () C:\ProgramData\Avira
2015-02-21 12:38 - 2015-02-21 12:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-21 12:38 - 2015-02-21 12:38 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Design6.at\Downloads\avira_de_av___ws.exe
2015-02-21 12:35 - 2015-02-21 15:54 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 12:35 - 2015-02-21 15:40 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 12:35 - 2015-02-21 12:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-21 12:35 - 2015-02-21 12:35 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-21 12:35 - 2015-02-21 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-21 12:03 - 2015-02-21 12:05 - 00002714 _____ () C:\Users\Design6.at\Downloads\software_removal_tool.log
2015-02-21 11:58 - 2015-02-21 11:58 - 00880208 _____ (Google Inc.) C:\Users\Design6.at\Downloads\ChromeSetup.exe
2015-02-21 11:56 - 2015-02-21 11:56 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-21 11:32 - 2015-02-21 11:32 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-21 11:31 - 2015-02-21 11:31 - 04196968 _____ (Piriform Ltd) C:\Users\Design6.at\Downloads\ccsetup502_slim.exe
2015-02-20 19:26 - 2015-02-21 15:54 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-20 19:26 - 2015-02-21 08:57 - 00000000 ____D () C:\Windows\AutoKMS
2015-02-20 19:23 - 2015-02-20 19:23 - 00000000 ____D () C:\Windows\PCHEALTH
2015-02-20 19:23 - 2015-02-20 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-20 19:23 - 2015-02-20 19:23 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-02-20 19:23 - 2015-02-20 19:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-20 19:20 - 2015-02-20 19:20 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-02-20 18:39 - 2015-02-21 12:00 - 00000468 _____ () C:\Windows\Tasks\InstallShield Update Task.job
2015-02-20 18:39 - 2015-02-20 19:08 - 00003224 _____ () C:\Windows\System32\Tasks\InstallShield Update Task
2015-02-20 18:39 - 2015-02-20 19:08 - 00000000 ____D () C:\Program Files (x86)\InstallShield
2015-02-20 18:26 - 2015-02-20 18:26 - 00000000 ____D () C:\Users\Design6.at\.swt
2015-02-20 18:24 - 2015-02-20 18:32 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Azureus
2015-02-20 18:18 - 2015-02-20 18:25 - 00000000 ____D () C:\Users\Design6.at\Documents\Outlook Files
2015-02-20 18:17 - 2015-02-20 18:16 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-02-20 16:44 - 2015-02-20 16:44 - 00003214 _____ () C:\Windows\System32\Tasks\{B2FD8413-1137-4802-8888-998CD470D8F2}
2015-02-20 16:42 - 2015-02-21 09:01 - 00000000 ____D () C:\Program Files (x86)\PCCpnApp
2015-02-20 16:42 - 2015-02-20 16:42 - 00000000 ____D () C:\ProgramData\oiioioicnlbidlgkanljnbdgdcoicbff
2015-02-20 16:39 - 2015-02-20 17:11 - 00000000 ____D () C:\Program Files (x86)\UUniDealSi
2015-02-20 16:39 - 2015-02-20 16:39 - 00000000 ____D () C:\ProgramData\mogpoehfpbfiaheaphgjflgcfjgjodof
2015-02-20 16:39 - 2015-02-20 16:39 - 00000000 ____D () C:\ProgramData\13511546191016658474
2015-02-20 16:37 - 2015-02-21 09:01 - 00000000 ____D () C:\ProgramData\{775d5413-8f2a-4573-775d-d54138f2504e}
2015-02-20 13:40 - 2015-02-20 13:40 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2015-02-20 12:38 - 2015-02-21 09:49 - 00000000 ____D () C:\Users\Test
2015-02-17 13:47 - 2015-02-17 15:47 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\.purple
2015-02-11 13:18 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 13:18 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 13:18 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 13:18 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 13:18 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 13:18 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 13:18 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 13:18 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 13:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 13:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 13:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 13:17 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 13:17 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 13:17 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 13:17 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 13:17 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 13:17 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 13:17 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 13:17 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 13:17 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 13:17 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 13:17 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 13:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 13:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 13:17 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 13:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 13:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 13:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 13:17 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 13:17 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 13:17 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 13:17 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 13:17 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 13:17 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 13:17 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 13:17 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 13:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 13:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 13:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 13:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 13:17 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 13:17 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 13:17 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 13:17 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 13:17 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 13:17 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 13:17 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 13:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 13:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 13:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 13:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 13:16 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 12:29 - 2015-02-18 15:29 - 00000000 ____D () C:\Users\Design6.at\AppData\Local\CrashDumps
2015-02-04 15:08 - 2015-02-16 10:23 - 00002002 _____ () C:\Windows\system32\TeamViewer10_Hooks.log
2015-02-03 12:05 - 2015-02-03 12:05 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-03 12:05 - 2015-02-03 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 12:01 - 2015-01-26 12:01 - 00097840 _____ () C:\Windows\Birds of Paradise PERSONAL USE ONLY.ttf
2015-01-22 11:47 - 2015-02-19 17:38 - 00000132 _____ () C:\Users\Design6.at\AppData\Roaming\Adobe PNG Format CS5 Prefs
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 16:11 - 2015-01-10 16:39 - 00000000 ____D () C:\Users\Design6.at
2015-02-21 15:59 - 2009-07-14 05:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 15:59 - 2009-07-14 05:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 15:57 - 2015-01-10 16:39 - 01812850 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 15:55 - 2015-01-13 10:03 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Design6at-PC-Design6.at Design6at-PC
2015-02-21 15:54 - 2015-01-20 12:55 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Dropbox
2015-02-21 15:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 15:54 - 2009-07-14 05:51 - 00035987 _____ () C:\Windows\setupact.log
2015-02-21 15:40 - 2015-01-10 17:35 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-21 15:27 - 2015-01-10 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-21 15:27 - 2010-11-21 04:47 - 00169578 _____ () C:\Windows\PFRO.log
2015-02-21 14:38 - 2015-01-10 16:40 - 00001455 _____ () C:\Users\Design6.at\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-21 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-21 14:24 - 2015-01-11 22:04 - 00000000 ____D () C:\Users\Design6.at\Documents\Outlook-Dateien
2015-02-21 12:38 - 2015-01-10 16:48 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-21 12:35 - 2015-01-10 17:22 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-21 12:00 - 2015-01-10 17:21 - 00000000 ____D () C:\Users\Design6.at\AppData\Local\Google
2015-02-21 09:08 - 2015-01-12 18:21 - 00000000 ____D () C:\Users\Design6.at\AppData\Local\Adobe
2015-02-21 08:57 - 2015-01-10 17:07 - 00151104 _____ () C:\Users\Design6.at\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-21 08:57 - 2009-07-14 05:45 - 05905360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 19:24 - 2015-01-11 21:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-20 19:23 - 2010-11-21 08:17 - 00000000 ____D () C:\Windows\ShellNew
2015-02-20 19:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-20 19:20 - 2015-01-11 21:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-20 19:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-20 19:20 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-20 18:31 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-20 13:53 - 2015-01-10 17:09 - 00000000 ____D () C:\Users\Design6.at\Documents\Bluetooth Folder
2015-02-20 12:50 - 2009-07-14 06:13 - 00733056 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 12:39 - 2015-01-10 17:17 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-20 12:38 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-19 09:36 - 2015-01-13 16:58 - 00000000 ____D () C:\Users\Design6.at\AppData\Local\Greenshot
2015-02-18 18:25 - 2015-01-13 11:24 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Skype
2015-02-16 10:23 - 2015-01-13 14:23 - 00000728 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-16 10:05 - 2015-01-20 12:56 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-13 12:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 14:19 - 2015-01-13 15:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 14:19 - 2015-01-13 15:54 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-22 11:45 - 2015-01-12 18:21 - 00000000 ____D () C:\Users\Design6.at\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2015-01-22 11:47 - 2015-02-19 17:38 - 0000132 _____ () C:\Users\Design6.at\AppData\Roaming\Adobe PNG Format CS5 Prefs
Some content of TEMP:
====================
C:\Users\Design6.at\AppData\Local\Temp\avgnt.exe
C:\Users\Design6.at\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4rfn0m.dll
C:\Users\Design6.at\AppData\Local\Temp\Microsoft Toolkit.exe
C:\Users\Design6.at\AppData\Local\Temp\ose00001.exe
C:\Users\Design6.at\AppData\Local\Temp\SETUP.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 12:31
==================== End Of Log ============================
Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Design6.at at 2015-02-21 16:14:28
Running from C:\Users\Design6.at\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4293 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
biz.2zoom.vollinstallation (HKLM-x32\...\{D1186B75-6559-4DC8-B941-2B065068C297}) (Version: 7.0.0.0 - 2zoom)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Dropbox (HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.2.4.10 (HKLM\...\Greenshot_is1) (Version: 1.2.4.10 - Greenshot)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.32 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C807BEFB-0F17-41AC-B307-D7B5E1553040}) (Version: 5.0.20.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{B50981AD-95E8-4E4D-912A-7C4B738387CA}) (Version: 3.4.6.0 - Hewlett-Packard Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.12.1688 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.3.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{D0AAC6B5-2B55-4E53-B996-0D4EA696E00C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{376949D9-0B10-4E7A-9AA5-16AC38F9E843}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.230 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.18 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Server 2012 Client Tools (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.3 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
Validity Fingerprint Sensor Driver (HKLM\...\{F5850B80-27F9-406E-91D3-1329F813BA63}) (Version: 4.5.130.0 - Validity Sensors, Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3611461970-3163121172-2511595225-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-01-14 15:29 - 00003747 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 3dns.adobe.com
There are 66 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0390690F-FCAE-46F2-A987-CD48477DCBA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {050DC59B-CA47-40EA-A5B8-27ED142279A3} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {088E77C4-0CF9-434A-B0E2-C0BAD8A42600} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {310C0231-1044-45B8-9676-64F13DCC2E45} - System32\Tasks\2zoom.biz.backup => C:\Program Files (x86)\2zoom\2zoom.biz.backup\2zoom.biz.backup.exe [2014-12-01] (Daniel Sumak / 2zoom Software)
Task: {49AC808A-67A7-4A4B-8FE8-D59237611917} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Design6at-PC-Design6.at Design6at-PC => D:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {709AA1FB-223D-48C0-9493-4511AB1D2285} - System32\Tasks\AdobeAAMUpdater-1.0-Design6at-PC-Design6.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {85B56DA3-037A-4C4C-A010-92B1EA6E8382} - System32\Tasks\{B2FD8413-1137-4802-8888-998CD470D8F2} => pcalua.exe -a "C:\Program Files (x86)\UUniDealSi\UUniDealSi.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {9065AE64-F4C9-4000-8744-9456EFF4C990} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {926BD8D6-AC80-4B96-8355-5B0D8C6A4A50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {9CCCA785-592E-44D7-B9BB-A5707DE194D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BF5C0861-DED5-46F7-8152-87781B2CFF46} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-02-20] ()
Task: {DF5D67A2-F6A8-40D9-8049-666E024C0101} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {EBC2744E-665C-404A-8DBF-EDBB79BA5C83} - System32\Tasks\KMS Activation => D:\Program Files\KMSpico\RandomFile.exe
Task: {F9C5D8F3-545B-4D70-94EE-E1545D623DBE} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\InstallShield Update Task.job => C:\Windows\system32\wscript.exe
==================== Loaded Modules (whitelisted) ==============
2013-06-28 06:00 - 2013-06-28 06:00 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () D:\Program Files\CCleaner\lang\lang-1031.dll
2013-06-28 06:08 - 2013-06-28 06:08 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-06-28 05:56 - 2013-06-28 05:56 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-21 15:54 - 2015-02-21 15:54 - 00043008 _____ () c:\users\design6.at\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4rfn0m.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\Design6.at\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2015-02-21 12:35 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 12:35 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 12:35 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-01-10 17:07 - 2013-07-26 06:24 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-29 14:03 - 2015-01-29 14:03 - 03925104 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3611461970-3163121172-2511595225-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Design6.at\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
MSCONFIG\startupfolder: C:^Users^Design6.at^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office 2013 Product Key Generator Full Download.lnk => C:\Windows\pss\Microsoft Office 2013 Product Key Generator Full Download.lnk.Startup
MSCONFIG\startupreg: GoogleChromeAutoLaunch_4CF9F9D6DF13FA6B77791F18F624F736 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Accounts: =============================
Administrator (S-1-5-21-3611461970-3163121172-2511595225-500 - Administrator - Disabled)
Design6.at (S-1-5-21-3611461970-3163121172-2511595225-1000 - Administrator - Enabled) => C:\Users\Design6.at
Gast (S-1-5-21-3611461970-3163121172-2511595225-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3611461970-3163121172-2511595225-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {09c9dfa8-67be-43a1-9c42-c6134f4fd75e}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {09c9dfa8-67be-43a1-9c42-c6134f4fd75e}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Generatorname: ASR Writer
Generatorinstanz-ID: {c5c9a588-688b-4447-8739-7843746fd224}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Generatorname: ASR Writer
Generatorinstanz-ID: {c5c9a588-688b-4447-8739-7843746fd224}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 12346) (User: )
Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
"
aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {ceb9fdf0-91f9-463b-a832-81cc0ff708e0}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {ceb9fdf0-91f9-463b-a832-81cc0ff708e0}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 12342) (User: )
Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
"
aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Subscribing the Registry server writer failed. hr = 8004230208lx" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Generatorname: Registry Writer
Generatorinstanz-ID: {4764ac36-4b30-44c7-8661-d88e9f481ae6}
System errors:
=============
Error: (02/21/2015 04:05:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/21/2015 03:56:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:56:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:55:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/21/2015 03:54:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:54:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:54:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:54:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/21/2015 03:54:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (02/21/2015 03:54:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.
Microsoft Office Sessions:
=========================
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {09c9dfa8-67be-43a1-9c42-c6134f4fd75e}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {09c9dfa8-67be-43a1-9c42-c6134f4fd75e}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Generatorname: ASR Writer
Generatorinstanz-ID: {c5c9a588-688b-4447-8739-7843746fd224}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Generatorname: ASR Writer
Generatorinstanz-ID: {c5c9a588-688b-4447-8739-7843746fd224}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 12346) (User: )
Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {ceb9fdf0-91f9-463b-a832-81cc0ff708e0}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {ceb9fdf0-91f9-463b-a832-81cc0ff708e0}
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 12342) (User: )
Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Subscribing the Registry server writer failed. hr = 8004230208lx0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
Error: (02/21/2015 04:14:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Generator wird abonniert
Kontext:
Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Generatorname: Registry Writer
Generatorinstanz-ID: {4764ac36-4b30-44c7-8661-d88e9f481ae6}
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16265.11 MB
Available physical RAM: 13003.15 MB
Total Pagefile: 32528.41 MB
Available Pagefile: 29106.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:88.92 GB) (Free:9.5 GB) NTFS
Drive d: () (Fixed) (Total:143.86 GB) (Free:42.45 GB) NTFS
Drive x: (Business) (Fixed) (Total:195.78 GB) (Free:195.51 GB) NTFS
Drive y: (Privat) (Fixed) (Total:269.97 GB) (Free:269.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E570510A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=88.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=143.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 206BA7A1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
| Themen zu WIN7: Google Suchergebnisse auf Chrome manipuliert |
| 0x8007042, adware, akamai, antivir, antivirus, avira, ccsetup, cpu, desktop, device driver, einstellung, einstellungen, fehler, firefox, flash player, format, google, installation, kmspico, malware / spyware, mozilla, registry, scan, secur, security, starten, svchost.exe, system, usb, virus, windows |
Baum-Darstellung