Danke für die schnelle Antwort!
FRST :
[CODE]
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by wolfgang (administrator) on WOLFGANG-PC on 04-11-2014 11:06:19
Running from C:\Users\wolfgang\Desktop
Loaded Profiles: wolfgang & UpdatusUser (Available profiles: wolfgang & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920 2009-02-27] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\Run: [Ecemr] => C:\Users\wolfgang\AppData\Roaming\Ilam\etwat.exe
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\MountPoints2: {1011ded3-8973-11e1-b12f-001f16180464} - I:\setup.exe AUTORUN=1
HKU\S-1-5-21-2426607693-3086012762-4238772180-1000\...\MountPoints2: {a1ccd321-e8c2-11de-aa84-806e6f6e6963} - E:\Msetup4.exe
HKU\S-1-5-21-2426607693-3086012762-4238772180-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: 10.1.8.1:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=bc25e5ee0000000000000022fa2830c6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
URLSearchHook: HKCU - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKLM - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKLM - {4B21386F-B87E-1E88-7EF4-1C53F5BDEC92} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
SearchScopes: HKCU - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=D9B50E05D6A61D14997BE250449A7BDC&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={B83E03E9-6989-4DC3-BF6F-212CD1CAFCDC}&mid=89908f5c520c47d194e6d15650fced97-3891d7bac0645c700f1cc1427aca68052d820988&lang=de&ds=st011&pr=sa&d=2012-02-20 20:02:52&v=9.0.0.23&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.50.5.13 10.50.5.12 10.50.5.11
FireFox:
========
FF ProfilePath: C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\wolfgang\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-03]
FF Extension: No Name - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-08-03]
FF Extension: ColorfulTabs - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-11-03]
FF Extension: FT DeepDark - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-09-22]
FF Extension: WOT - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Ghostery - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\firefox@ghostery.com.xpi [2013-10-30]
FF Extension: YouTube ALL HTML5 - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2013-12-03]
FF Extension: Tile Tabs - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\tiletabs@DW-dev.xpi [2013-10-30]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2013-10-30]
FF Extension: NoScript - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-30]
FF Extension: Adblock Plus - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25]
FF Extension: BetterPrivacy - C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\3fcy8na6.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-11-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-03]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-03]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\10.0.0.7
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\10.0.0.7 [2012-02-23]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-03]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\wolfgang\AppData\Local\Temp\ccex.crx []
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2304912 2011-07-06] (WIBU-SYSTEMS AG)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 jswpsapi; C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 resetWinService; C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe [70656 2008-10-29] () [File not signed]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2008-04-03] (Avanquest Software) [File not signed]
S3 DNIMp50; C:\Windows\System32\Drivers\DNIMp50.sys [21504 2006-11-16] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 DNISp50; C:\Windows\System32\Drivers\DNISp50.sys [20480 2006-11-16] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [114904 2014-11-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [6680064 2000-01-01] (Intel Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
S3 WINIO; C:\Windows\system32\WinIo.sys [9336 2009-03-03] () [File not signed]
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2v.sys [432640 2008-05-31] (Atheros Communications, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 uxddrv; \??\F:\qti\uxddrv86.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 11:06 - 2014-11-04 11:06 - 00020250 _____ () C:\Users\wolfgang\Desktop\FRST.txt
2014-11-04 11:06 - 2014-11-04 11:06 - 00000000 ____D () C:\FRST
2014-11-04 11:04 - 2014-11-04 11:05 - 00000478 _____ () C:\Users\wolfgang\Desktop\defogger_disable.log
2014-11-04 11:03 - 2014-11-04 11:03 - 00000000 _____ () C:\Users\wolfgang\defogger_reenable
2014-11-04 11:02 - 2014-11-04 10:58 - 00380416 _____ () C:\Users\wolfgang\Desktop\Gmer-19357.exe
2014-11-04 11:02 - 2014-11-04 10:57 - 01106432 _____ (Farbar) C:\Users\wolfgang\Desktop\FRST.exe
2014-11-04 11:02 - 2014-11-04 10:56 - 00050477 _____ () C:\Users\wolfgang\Desktop\Defogger.exe
2014-11-04 10:11 - 2014-11-04 10:25 - 00000652 _____ () C:\Windows\setupact.log
2014-11-04 10:11 - 2014-11-04 10:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-04 09:58 - 2014-11-04 10:30 - 00004604 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 09:54 - 2014-11-04 09:54 - 00001086 _____ () C:\Windows\PFRO.log
2014-11-04 09:37 - 2014-11-04 09:37 - 00000000 ____D () C:\Users\wolfgang\Desktop\PRE
2014-11-04 09:24 - 2014-11-04 09:24 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-11-04 09:20 - 2014-11-04 09:20 - 02849160 _____ () C:\Users\wolfgang\Downloads\bitdefender_tsecurity.exe
2014-11-04 09:08 - 2014-11-04 09:08 - 00000808 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-04 09:06 - 2014-11-04 10:44 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-04 09:06 - 2014-11-04 09:06 - 04974864 _____ (Piriform Ltd) C:\Users\wolfgang\Downloads\ccsetup419.exe
2014-11-04 09:06 - 2014-11-04 09:06 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 09:06 - 2014-11-04 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-04 09:06 - 2014-11-04 09:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-04 09:06 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-04 09:06 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-04 09:06 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-04 08:44 - 2014-11-04 08:44 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\wolfgang\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-04 08:44 - 2014-11-04 08:44 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\wolfgang\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-11-04 08:39 - 2014-11-04 08:39 - 00002214 _____ () C:\Users\wolfgang\Desktop\Use case.dia
2014-11-04 08:39 - 2014-11-04 08:39 - 00000728 _____ () C:\Users\wolfgang\AppData\Local\recently-used.xbel
2014-11-04 08:18 - 2014-11-04 08:39 - 00000000 ____D () C:\Users\wolfgang\.dia
2014-11-04 08:17 - 2014-11-04 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia
2014-11-04 08:16 - 2014-11-04 08:17 - 00000000 ____D () C:\Program Files\Dia
2014-11-04 08:15 - 2014-11-04 08:16 - 19620143 _____ (The Dia Developers) C:\Users\wolfgang\Downloads\dia-setup-0.97.2-2-unsigned.exe
2014-10-26 16:46 - 2014-11-04 09:32 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Ilam
2014-10-26 16:46 - 2014-10-26 16:47 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Qauhy
2014-10-26 16:46 - 2014-10-26 16:46 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Atifwi
2014-10-26 16:03 - 2014-10-26 16:05 - 303625288 _____ ( ) C:\Users\wolfgang\Downloads\HappyFoto-Designer.exe
2014-10-24 15:21 - 2014-10-24 15:21 - 01054912 _____ (Adobe) C:\Users\wolfgang\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-10-07 08:20 - 2014-10-14 14:47 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Canon
2014-10-07 08:19 - 2014-10-07 08:19 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 11:03 - 2009-12-14 16:31 - 00000000 ____D () C:\Users\wolfgang
2014-11-04 11:01 - 2006-11-02 11:33 - 01453138 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 10:48 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 10:48 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 10:42 - 2014-03-04 09:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-04 10:42 - 2010-03-23 22:16 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 10:42 - 2009-03-03 07:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 10:42 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 10:33 - 2014-03-15 19:48 - 00008586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-04 09:41 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-11-04 09:40 - 2009-03-03 08:38 - 00000000 ____D () C:\Program Files\Adobe
2014-11-04 09:39 - 2010-03-23 22:16 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 09:36 - 2012-02-20 20:00 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\BitTorrent
2014-11-04 09:36 - 2011-07-29 09:53 - 00000000 ____D () C:\Windows\Minidump
2014-11-04 09:32 - 2014-03-11 18:40 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Elahyg
2014-11-04 09:32 - 2014-03-10 15:57 - 00000000 ____D () C:\Users\wolfgang\AppData\Roaming\Lunei
2014-11-04 09:08 - 2013-10-25 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-04 09:08 - 2013-10-25 13:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 09:07 - 2013-12-08 23:07 - 00000130 _____ () C:\Users\wolfgang\AppData\Roaming\wklnhst.dat
2014-11-04 09:06 - 2013-10-25 13:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 08:39 - 2014-09-28 11:11 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-11-03 15:10 - 2009-03-07 13:59 - 00000974 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-10-07 08:18 - 2012-05-14 18:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-04 10:49
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by wolfgang at 2014-11-04 11:07:15
Running from C:\Users\wolfgang\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Authorizer Ignition Key Support (Version: 1.0.3.0 - Propellerhead Software AB) Hidden
AVG 2012 (Version: 12.0.2437 - AVG Technologies) Hidden
BitTorrent (HKLM\...\BitTorrent) (Version: 7.6.0 - BitTorrent Inc.)
bl (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series Benutzerregistrierung (HKLM\...\Canon MG2500 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version: - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2325 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1412 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2521 - CyberLink Corp.)
DE (Version: 3.0 - Corel Corporation) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Dia (nur entfernen) (HKLM\...\Dia) (Version: - )
DivX Plus Pro (HKLM\...\DivX Plus Pro8.2) (Version: 8.2 - DivX Plus Pro)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Foxlink Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.48000.201_WHQL - Sonix)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}) (Version: 1.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LEGO® Star Wars™ III: The Clone Wars™ (HKLM\...\{6C0A6B81-0D00-453F-B220-E1F7931B3C2A}) (Version: 1.0.0.0 - LucasArts)
Lenovo Drivers Update Utility (HKLM\...\Lenovo Drivers Update Utility_is1) (Version: - DGTSoft Inc.)
Line 6 Uninstaller (HKLM\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Battery 3 (HKLM\...\Native Instruments Battery 3) (Version: - Native Instruments)
Native Instruments FM8 (HKLM\...\Native Instruments FM8) (Version: - Native Instruments)
Native Instruments Guitar Rig 4 (HKLM\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Komplete 6 (HKLM\...\Native Instruments Komplete 6) (Version: - Native Instruments)
Native Instruments Kontakt 4 (HKLM\...\Native Instruments Kontakt 4) (Version: - Native Instruments)
Native Instruments Service Center (HKLM\...\Native Instruments Service Center) (Version: - Native Instruments)
Nero 8 Essentials (HKLM\...\{47948554-90C6-4AAC-8CFA-D23CE11C1031}) (Version: 8.3.124 - Nero AG)
NETGEAR WN121T wireless USB 2.0 adapter (HKLM\...\InstallShield_{2A17F4DB-C3B7-4E45-AECC-7F9FF6909C4B}) (Version: 1.00 - NETGEAR)
NETGEAR WN121T wireless USB 2.0 adapter (Version: 1.00 - NETGEAR) Hidden
Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
ph (Version: 1.0.0 - Your Company Name) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PowerISO (HKLM\...\PowerISO) (Version: 5.0 - Power Software Ltd)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 1.00.0000 - NETGEAR)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5730 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20111 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SweetIM for Messenger 3.6 (HKLM\...\{A81A974F-8A22-43E6-9243-5198FF758DA1}) (Version: 3.6.0002 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetIM Toolbar for Internet Explorer 4.2 (HKLM\...\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}) (Version: 4.2.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.3.3 - Synaptics Incorporated)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WN111v2 (Version: 1.00.0000 - NETGEAR) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-09-2014 15:23:17 Geplanter Prüfpunkt
09-09-2014 16:48:36 Geplanter Prüfpunkt
20-09-2014 09:18:48 Geplanter Prüfpunkt
22-09-2014 13:45:07 Geplanter Prüfpunkt
24-09-2014 14:21:30 Geplanter Prüfpunkt
25-09-2014 18:08:33 Geplanter Prüfpunkt
27-09-2014 10:57:09 Geplanter Prüfpunkt
28-09-2014 09:51:06 Gerätetreiber-Paketinstallation: Canon Drucker
28-09-2014 09:51:37 Gerätetreiber-Paketinstallation: Canon Bildverarbeitungsgeräte
14-10-2014 15:22:44 Geplanter Prüfpunkt
16-10-2014 17:05:52 Geplanter Prüfpunkt
17-10-2014 14:28:31 Geplanter Prüfpunkt
19-10-2014 18:06:18 Geplanter Prüfpunkt
24-10-2014 17:40:24 Geplanter Prüfpunkt
25-10-2014 08:59:04 Geplanter Prüfpunkt
26-10-2014 17:20:55 Geplanter Prüfpunkt
27-10-2014 12:45:54 Geplanter Prüfpunkt
03-11-2014 14:47:31 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03ADDB1B-80FA-4928-A33E-311B92F5D771} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {1E38C4C4-1DCC-46C8-827E-82D2DC5855D3} - System32\Tasks\{4B0051C8-CA01-45A0-8229-651943D35994} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {2A40382C-1468-44F1-B87D-CC619C6D1F20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {566C8FDD-FA44-4997-A10D-FB0CEF4E5084} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {6D912C84-4C81-4C6E-B71A-73A211C6DDF3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {94DD685F-FC45-4F66-97D3-CE278638BFC8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A575ED4-8562-4050-98D1-8A71AF168139} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28] (Google)
Task: {A7CC0960-060D-4E5C-870A-472A3DD0573D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {ACC2650F-8DAC-403F-8AD2-3D59CB33F1CB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - wolfgang => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-03-03 07:28 - 2008-10-29 16:20 - 00070656 _____ () C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe
2009-03-04 04:17 - 2009-02-25 09:13 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Ecemr => C:\Users\wolfgang\AppData\Roaming\Ilam\etwat.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: tsnp2uvc => C:\Windows\tsnp2uvc.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: {5EFF6A61-E1D7-49DC-2481-15C5CB7E3531} => C:\Users\wolfgang\AppData\Roaming\Template\Templatewin.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2426607693-3086012762-4238772180-500 - Administrator - Disabled)
Gast (S-1-5-21-2426607693-3086012762-4238772180-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-2426607693-3086012762-4238772180-1001 - Limited - Enabled) => C:\Users\UpdatusUser
wolfgang (S-1-5-21-2426607693-3086012762-4238772180-1000 - Administrator - Enabled) => C:\Users\wolfgang
==================== Faulty Device Manager Devices =============
Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/04/2014 10:44:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 10:08:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 09:57:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 09:37:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 09:37:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (11/04/2014 08:02:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32295810
System errors:
=============
Error: (11/04/2014 10:45:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (11/04/2014 10:09:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Error: (11/04/2014 10:08:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (11/04/2014 10:06:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.11.2014 um 10:05:03 unerwartet heruntergefahren.
Error: (11/04/2014 09:57:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (11/04/2014 09:57:22 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (11/04/2014 09:57:22 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
Error: (11/04/2014 09:57:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Error: (11/04/2014 08:09:00 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.1.3 für die Netzwerkkarte mit der Netzwerkadresse 0022FA2830C6 wurde durch den DHCP-Server 1.3.3.7 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (11/04/2014 08:02:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: WINIO%%193
Microsoft Office Sessions:
=========================
Error: (11/04/2014 10:44:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 10:08:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 09:57:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-TO_DELETE
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING
Error: (11/04/2014 09:38:18 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-BACKUP
Error: (11/04/2014 09:37:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-TO_DELETE
Error: (11/04/2014 09:37:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\WOLFGANG\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\3FCY8NA6.DEFAULT\SAFEBROWSING-BACKUP
Error: (11/04/2014 08:02:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32295810
CodeIntegrity Errors:
===================================
Date: 2014-11-04 10:45:05.727
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 10:08:48.970
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:57:50.071
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:07:14.458
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:07:14.021
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:07:13.572
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:07:13.095
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:06:48.232
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:06:47.634
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-04 09:06:47.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 3065.95 MB
Available physical RAM: 1808.41 MB
Total Pagefile: 22336.16 MB
Available Pagefile: 21194.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.59 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:440.37 GB) (Free:132.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:25.38 GB) (Free:9.09 GB) FAT32
Drive f: (XIAOMI) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: A89BC304)
Partition 1: (Active) - (Size=440.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=25.4 GB) - (Type=0C)
==================== End Of Log ============================
|
So funktioniert es:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
.