| littlewang | 20.02.2015 16:43 |
Hi!
Danke dir. Scan habe ich mit dem Programm ausgeführt.
Ich hänge das mal an.
FRST.txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Felix (administrator) on FELIXWANG on 20-02-2015 15:34:20
Running from C:\Users\Felix\Downloads
Loaded Profiles: Felix (Available profiles: Felix)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Pinyin 2\GooglePinyinDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-08] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-17] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [901216 2013-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253952 2013-05-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-10-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-10-31] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [90640 2013-07-09] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1367360 2014-12-16] (Lavasoft)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-04-19] (Microsoft Corporation)
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com.tw
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com.tw
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2245537700-3172704806-3865764235-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_test01_150114&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2245537700-3172704806-3865764235-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_test01_150114&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {206599BA-54C3-4B56-8B27-361541F02B36} hxxp://iss.leeds.ac.uk/helpdesk/connect/tools/xc_loader_activex.ocx
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.1 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Felix\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: @talk.google.com/O1DPlugin -> C:\Users\Felix\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Felix\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Felix\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: bluejeans.com/bjninstallplugin -> C:\Users\Felix\AppData\Roaming\Blue Jeans\bjnplugin\2.6.207.8\npbjninstallplugin_2.6.207.8.dll (Blue Jeans)
FF Plugin HKU\S-1-5-21-2245537700-3172704806-3865764235-1001: bluejeans.com/bjnplugin -> C:\Users\Felix\AppData\Roaming\Blue Jeans\bjnplugin\2.6.207.8\npbjnplugin_2.6.207.8.dll (Blue Jeans)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Felix\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Felix\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DYMO Label Framework) - C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Felix\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Blue Jeans Installation Plugin) - C:\Users\Felix\AppData\Roaming\Blue Jeans\bjnplugin\2.6.207.8\npbjninstallplugin_2.6.207.8.dll (Blue Jeans)
CHR Plugin: (Blue Jeans Video Plugin) - C:\Users\Felix\AppData\Roaming\Blue Jeans\bjnplugin\2.6.207.8\npbjnplugin_2.6.207.8.dll (Blue Jeans)
CHR Plugin: (Google Talk Plugin) - C:\Users\Felix\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Felix\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll No File
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Google Search) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Google Sheets) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-14]
CHR Extension: (GoToMeeting Pro Screensharing) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcgikpombjkodabhbdalkcdhmllafipp [2015-01-21]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [45056 2013-06-15] () [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-04-08] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-04-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-04-08] (Intel Corporation)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-27] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-12-16] (Lavasoft Limited)
S3 memoQauhlp70; C:\Program Files (x86)\Kilgray\memoQ-2014\MemoQ.AutoUpdate.exe [222176 2014-10-14] (Kilgray)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-12-16] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30992 2013-10-31] (Lenovo)
S2 cae99edb; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll",ENT
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-08] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [45880 2013-04-08] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-08] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-08] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-04-08] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-19] (Disc Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-28] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-06-27] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548936 2013-05-24] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1563352 2013-07-24] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-17] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
R4 gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-20 15:34 - 2015-02-20 15:34 - 00029262 _____ () C:\Users\Felix\Downloads\FRST.txt
2015-02-20 15:34 - 2015-02-20 15:34 - 00000000 ____D () C:\FRST
2015-02-20 15:33 - 2015-02-20 15:33 - 02086912 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2015-02-20 14:06 - 2015-02-20 14:06 - 00000070 _____ () C:\WINDOWS\RAVTC.TMP
2015-02-20 14:02 - 2015-02-20 14:02 - 02347384 _____ (ESET) C:\Users\Felix\Downloads\esetsmartinstaller_deu.exe
2015-02-20 14:02 - 2015-02-20 14:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-20 13:47 - 2015-02-20 13:47 - 00000017 _____ () C:\ProgramData\adaware-installer-reboot-required.tmp
2015-02-19 10:41 - 2015-02-19 10:41 - 00001915 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-02-19 10:41 - 2015-02-19 10:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2015-02-19 10:41 - 2015-02-19 10:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2015-02-19 10:41 - 2015-02-19 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-17 14:12 - 2015-02-17 14:12 - 00777369 _____ () C:\Users\Felix\Downloads\Identifikationsnummer Felix Seite 2.jpeg
2015-02-17 14:12 - 2015-02-17 14:12 - 00486024 _____ () C:\Users\Felix\Downloads\Identifikationsnummer Felix Seite 1.jpeg
2015-02-17 14:08 - 2015-02-17 14:49 - 00000000 ____D () C:\Users\Felix\Desktop\Bonn Docs
2015-02-16 10:30 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 10:30 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-12 12:34 - 2015-02-12 12:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-12 10:17 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-12 10:17 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-12 10:17 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-12 10:17 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-12 10:17 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-12 10:17 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-12 10:17 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-12 10:17 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-12 10:17 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-12 10:17 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-12 10:17 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-12 10:17 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-12 10:17 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-12 10:17 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-12 10:16 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-12 10:16 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-12 10:16 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-12 10:16 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-12 10:16 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-12 10:16 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-12 10:16 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-12 10:16 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-12 10:16 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-12 10:16 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-12 10:16 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-12 10:16 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-12 10:16 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-12 10:16 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-12 10:16 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-12 10:16 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-12 10:16 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-12 10:16 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-12 10:16 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-12 10:16 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-12 10:16 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-12 10:16 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-12 10:16 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-12 10:16 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-12 10:16 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-12 10:16 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-12 10:16 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-12 10:16 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-12 10:16 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-12 10:16 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-12 10:16 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-12 10:16 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-12 10:16 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-12 10:16 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-12 10:16 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-12 10:16 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-12 10:16 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-12 10:16 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-12 10:16 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-12 10:16 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-12 10:16 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-12 10:16 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-12 10:16 - 2014-12-08 23:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-12 10:16 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-12 10:16 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-12 10:16 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-12 10:16 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-12 10:16 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-12 10:16 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-12 10:16 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-12 10:16 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-10 16:37 - 2015-02-10 16:37 - 00000000 _____ () C:\WINDOWS\SysWOW64\debug.log
2015-02-08 15:16 - 2015-02-08 15:29 - 00000000 ____D () C:\Users\Felix\Desktop\04.08.2013 20_14 Tatort_ Der schöne Schein
2015-02-08 09:38 - 2015-02-08 09:38 - 00178915 _____ () C:\Users\Felix\Downloads\smdk_fat322.zip
2015-02-05 09:11 - 2015-02-05 09:11 - 02333352 _____ () C:\Users\Felix\Downloads\Kennziffer39_14_3.13 Bewerbung Felix Brender.zip
2015-01-29 20:20 - 2015-01-29 20:20 - 00000000 ____D () C:\Users\Felix\AppData\Local\IsolatedStorage
2015-01-26 13:03 - 2015-02-03 15:38 - 00000000 ____D () C:\Users\Felix\Desktop\CV current
2015-01-22 22:16 - 2015-01-22 22:36 - 120771962 _____ () C:\Users\Felix\Downloads\YangLan_2011G-480p-zh-tw.mp4
2015-01-22 22:14 - 2015-01-22 22:32 - 120495708 _____ () C:\Users\Felix\Downloads\Jenny8Lee_2008P-480p-zh-tw.mp4
2015-01-22 22:13 - 2015-01-22 22:30 - 103419907 _____ () C:\Users\Felix\Downloads\LeslieChang_2012G-480p-zh-tw.mp4
2015-01-22 12:09 - 2015-01-22 12:09 - 00003471 _____ () C:\Users\Felix\Downloads\download.htm
2015-01-21 11:36 - 2015-01-21 11:36 - 800477469 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-21 11:36 - 2015-01-21 11:36 - 00286032 _____ () C:\WINDOWS\Minidump\012115-8421-01.dmp
2015-01-21 09:40 - 2015-01-21 09:40 - 00003105 _____ () C:\Users\Felix\Desktop\Text United App.lnk
2015-01-21 09:40 - 2015-01-21 09:40 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Text United
2015-01-21 09:40 - 2015-01-21 09:40 - 00000000 ____D () C:\Program Files (x86)\Text United GmbH
2015-01-21 09:38 - 2015-01-21 09:39 - 12957696 _____ () C:\Users\Felix\Downloads\TextUnitedAppSetup.msi
2015-01-21 09:09 - 2015-01-21 09:10 - 00000000 ____D () C:\ProgramData\tmpd.updt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-20 15:21 - 2014-04-18 17:17 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-20 15:05 - 2015-01-14 21:00 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 15:01 - 2014-12-23 08:56 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001UA.job
2015-02-20 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-20 14:57 - 2014-04-19 02:00 - 02051365 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-20 14:42 - 2014-04-18 11:52 - 00000000 ____D () C:\Users\Felix\Documents\Outlook Files
2015-02-20 14:11 - 2014-04-18 11:06 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245537700-3172704806-3865764235-1001
2015-02-20 14:06 - 2015-01-13 22:15 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Panda Security
2015-02-20 14:06 - 2015-01-13 22:14 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-02-20 14:06 - 2015-01-13 22:11 - 00000000 ____D () C:\ProgramData\Panda Security
2015-02-20 13:59 - 2014-07-01 23:13 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2015-02-20 13:47 - 2015-01-14 17:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Lavasoft
2015-02-20 13:47 - 2015-01-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-02-20 13:47 - 2015-01-14 17:18 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-02-20 12:41 - 2014-04-18 11:00 - 00064320 _____ () C:\Users\Felix\AppData\Local\BTServer.log
2015-02-20 12:41 - 2013-08-22 14:46 - 00311855 _____ () C:\WINDOWS\setupact.log
2015-02-20 10:34 - 2015-01-13 22:17 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-02-20 10:00 - 2014-04-18 21:53 - 00245566 _____ () C:\WINDOWS\system32\prfh0404.dat
2015-02-20 10:00 - 2014-04-18 21:53 - 00082716 _____ () C:\WINDOWS\system32\prfc0404.dat
2015-02-20 10:00 - 2014-03-18 10:03 - 01152018 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-20 09:52 - 2015-01-14 21:00 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 09:52 - 2014-04-19 02:11 - 00000000 __RDO () C:\Users\Felix\OneDrive
2015-02-20 09:52 - 2014-04-19 01:55 - 00000000 ____D () C:\Users\Felix
2015-02-20 09:51 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-20 02:04 - 2014-12-23 08:56 - 00000876 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001Core.job
2015-02-20 02:04 - 2014-04-18 11:52 - 08365790 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-19 21:20 - 2014-07-03 21:43 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\vlc
2015-02-19 12:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 10:41 - 2014-12-25 12:57 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-19 10:41 - 2013-10-31 05:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-19 10:40 - 2014-12-25 12:57 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-19 10:40 - 2014-12-25 12:56 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-02-18 12:50 - 2014-04-18 11:00 - 00000000 ____D () C:\Users\Felix\AppData\Local\Packages
2015-02-18 09:34 - 2014-04-18 12:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 09:33 - 2014-04-18 11:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-17 15:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-17 12:28 - 2014-12-10 13:09 - 00000000 ____D () C:\Users\Felix\Desktop\Liliana
2015-02-17 09:15 - 2014-10-21 15:13 - 00000000 ____D () C:\Users\Felix\Desktop\Invoices
2015-02-16 17:11 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-15 18:59 - 2013-10-31 05:27 - 00000000 ____D () C:\ProgramData\Realtek
2015-02-15 18:47 - 2014-03-18 09:54 - 00185032 _____ () C:\WINDOWS\PFRO.log
2015-02-15 18:47 - 2013-08-22 14:44 - 00528144 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-15 18:47 - 2013-08-22 13:25 - 04194304 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-15 18:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\zh-HK
2015-02-15 18:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2015-02-14 21:27 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\Felix\AppData\Local\Adobe
2015-02-14 21:26 - 2014-12-16 10:22 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-14 21:26 - 2014-12-16 10:22 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-14 21:26 - 2014-04-18 17:17 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-12 12:59 - 2014-04-18 16:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-12 12:47 - 2014-04-18 16:38 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-12 12:44 - 2012-07-26 05:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-02-10 16:37 - 2014-04-18 11:00 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Adobe
2015-02-10 16:29 - 2015-01-13 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-10 16:29 - 2015-01-13 22:21 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-28 09:10 - 2014-07-01 23:21 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 13:12 - 2014-11-26 00:00 - 00000000 ____D () C:\Users\Felix\Desktop\Ut graduation 2014
2015-01-26 12:59 - 2014-09-11 10:05 - 00000000 ___RD () C:\Users\Felix\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2015-01-21 11:36 - 2014-09-11 09:18 - 00000000 ____D () C:\WINDOWS\Minidump
==================== Files in the root of some directories =======
2014-12-07 21:42 - 2014-12-07 21:44 - 0028456 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2014-04-18 11:01 - 2014-04-18 12:00 - 0000745 _____ () C:\Users\Felix\AppData\Roaming\AbsoluteReminder.xml
2014-04-19 06:53 - 2014-04-19 06:53 - 0000046 _____ () C:\Users\Felix\AppData\Roaming\WB.CFG
2014-04-18 11:00 - 2015-02-20 12:41 - 0064320 _____ () C:\Users\Felix\AppData\Local\BTServer.log
2015-02-20 13:47 - 2015-02-20 13:47 - 0000017 _____ () C:\ProgramData\adaware-installer-reboot-required.tmp
2013-10-31 05:36 - 2013-10-31 05:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\3a8cad46-7e9e-42d7-9037-24a92402e3d4.exe
C:\Users\Felix\AppData\Local\Temp\avgnt.exe
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe
C:\Users\Felix\AppData\Local\Temp\SpOrder.dll
C:\Users\Felix\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 12:12
==================== End Of Log ============================
--- --- ---
--- --- ---
[/CODE]
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Felix at 2015-02-20 15:36:55
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Web Companion (x32 Version: 1.1.844.1586 - Lavasoft) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple 應用程式支援 (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
bjnplugin (HKLM-x32\...\{7506B00B-4F29-47F2-B295-07BE8E3C5CD6}) (Version: 2.6.207.8 - Blue Jeans)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.60.51 - Conexant)
Công cụ Soát lỗi Microsoft Office 2013 - Tiếng Việt (HKLM\...\{90150000-001F-042A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.3.0.1242 - Sanford, L.P.)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10234 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
memoQ 2014 (HKLM-x32\...\{C365C9F2-8079-4E30-844A-997433074145}_is1) (Version: - Kilgray)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 校訂工具 2013 - 繁體中文 (HKLM\...\{90150000-001F-0404-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Text United App (HKLM-x32\...\{D94D2C42-AA6B-4D98-A3E8-1CD38E526F4D}) (Version: 1.0.0 - Text United GmbH)
Ver.2014 (HKLM-x32\...\Fernstudium Französisch Modul 6_is1) (Version: - Universität Leipzig, Wissenschaftliche Weiterbildung und Fernstudium)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Companion (HKLM-x32\...\{D5116390-5C95-4FEA-A719-78C3C8B5DFB5}_WebCompanion) (Version: 1.1.844.1586 - Lavasoft)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
谷歌拼音输入法 2.7 (HKLM\...\GooglePinyin2) (Version: - Google Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2245537700-3172704806-3865764235-1001_Classes\CLSID\{9914FC2A-D49E-4e44-A607-5D697693120B}\InprocServer32 -> C:\WINDOWS\System32\mscomct2.ocx No File
CustomCLSID: HKU\S-1-5-21-2245537700-3172704806-3865764235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Felix\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2245537700-3172704806-3865764235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Felix\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
18-02-2015 09:32:35 Windows Update
19-02-2015 10:40:20 Garmin Express
20-02-2015 13:45:26 AA11
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A10882D-A7DD-41DA-9BC9-9F33C57E0926} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {426BC888-2D2A-43E1-963C-92B8DD2BAD31} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2245537700-3172704806-3865764235-1001
Task: {5B1F3567-0F4E-4202-A7F0-94C918427CAD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-14] (Adobe Systems Incorporated)
Task: {60B2A44A-2142-4901-A793-9CAD554A3E38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {692FADFF-10C8-4DC2-A67F-66C4D7888FDC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {6D907E9B-569C-4764-8C81-4D944EE34990} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001Core => C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {7A6883D5-5672-4EE1-884A-DE85F697A25D} - System32\Tasks\Google Pinyin Daemon => C:\Program Files (x86)\Google\Google Pinyin 2\GooglePinyinDaemon.exe [2014-07-02] (Google Inc.)
Task: {AE374F14-6506-4407-A3B4-356E24C95FA0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001UA => C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {B3857DE1-04F1-4BA1-8E85-8419C9486C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C35D0611-3D7F-4EC4-952D-3CA3514C28EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D4D822FE-0039-4C32-A4B9-AA99E0897399} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {F2774C03-D24A-43CF-BC7E-B2D80AC2697E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FE976C85-7711-4864-84A9-A7DC531E0B31} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001Core.job => C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2245537700-3172704806-3865764235-1001UA.job => C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-10-31 05:27 - 2013-06-15 01:12 - 00045056 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-12-16 12:08 - 2014-12-16 12:08 - 00015208 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2014-12-16 12:08 - 2014-12-16 12:08 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00032616 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2013-10-31 05:34 - 2013-10-31 05:34 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-31 05:25 - 2010-10-26 04:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-10-31 05:33 - 2013-07-31 22:32 - 00034288 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Lenovo.YogaPicks.Utils.dll
2015-02-20 14:03 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-04-23 20:05 - 2014-04-23 20:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 20:04 - 2014-04-23 20:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2013-10-31 05:35 - 2013-04-17 22:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2013-10-31 05:35 - 2013-04-17 22:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00070464 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00171368 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00089928 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2014-12-16 12:08 - 2014-12-16 12:08 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2014-12-16 12:10 - 2014-12-16 12:10 - 00041304 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-01-14 21:02 - 2015-01-09 00:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-14 21:02 - 2015-01-09 00:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-14 21:02 - 2015-01-09 00:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-14 21:02 - 2015-01-09 00:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-14 21:02 - 2015-01-09 00:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
2013-10-31 05:23 - 2013-06-27 00:33 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Felix\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2245537700-3172704806-3865764235-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-2245537700-3172704806-3865764235-500 - Administrator - Disabled)
Felix (S-1-5-21-2245537700-3172704806-3865764235-1001 - Administrator - Enabled) => C:\Users\Felix
Guest (S-1-5-21-2245537700-3172704806-3865764235-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/20/2015 03:32:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (02/20/2015 02:02:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (02/20/2015 02:02:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3813
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3813
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/20/2015 09:59:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: esu.exe, version: 2.0.0.0, time stamp: 0x54a424af
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process id: 0xf60
Faulting application start time: 0xesu.exe0
Faulting application path: esu.exe1
Faulting module path: esu.exe2
Report Id: esu.exe3
Faulting package full name: esu.exe4
Faulting package-relative application ID: esu.exe5
Error: (02/20/2015 09:59:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
Stack:
at ExpressSelfUpdater.Program.RealMain()
at ExpressSelfUpdater.Program.Main(System.String[])
Error: (02/20/2015 09:51:48 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceMainThread: NotifyServiceStatusRunning() failed.
Error: (02/20/2015 09:51:48 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService
NotifyServiceStatusRunning: DeviceIoControl() failed.
Last error = [0x00000001]
System errors:
=============
Error: (02/20/2015 02:05:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5
Error: (02/20/2015 09:51:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5
Error: (02/20/2015 09:51:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Super Optimizer service to connect.
Error: (02/20/2015 09:51:17 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (02/20/2015 09:51:15 AM) (Source: Service Control Manager) (EventID: 7018) (User: )
Description: Detected circular dependencies auto-starting services. Check the service dependency tree.
Error: (02/20/2015 09:51:15 AM) (Source: Service Control Manager) (EventID: 7019) (User: )
Description: The EsgScanner service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.
Error: (02/20/2015 09:51:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:04:11 PM on 2/19/2015 was unexpected.
Error: (02/20/2015 02:04:35 AM) (Source: DCOM) (EventID: 10010) (User: FELIXWANG)
Description: {0006F03A-0000-0000-C000-000000000046}
Error: (02/19/2015 09:16:19 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.
Error: (02/19/2015 09:11:50 PM) (Source: DCOM) (EventID: 10010) (User: FELIXWANG)
Description: microsoft.windows.immersivecontrolpanel
Microsoft Office Sessions:
=========================
Error: (02/20/2015 03:32:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Felix\Downloads\esetsmartinstaller_deu.exe
Error: (02/20/2015 02:02:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Felix\Downloads\esetsmartinstaller_deu.exe
Error: (02/20/2015 02:02:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Felix\Downloads\esetsmartinstaller_deu.exe
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3813
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3813
Error: (02/20/2015 11:33:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/20/2015 09:59:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: esu.exe2.0.0.054a424afKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606cf6001d04cf3e3e367a3C:\Program Files (x86)\Garmin\Express Self Updater\esu.exeC:\WINDOWS\system32\KERNELBASE.dll229654db-b8e7-11e4-bea7-a4db3085a32b
Error: (02/20/2015 09:59:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
Stack:
at ExpressSelfUpdater.Program.RealMain()
at ExpressSelfUpdater.Program.Main(System.String[])
Error: (02/20/2015 09:51:48 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceMainThread: NotifyServiceStatusRunning() failed.
Error: (02/20/2015 09:51:48 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalServiceNotifyServiceStatusRunning: DeviceIoControl() failed.Last error = [0x00000001]
CodeIntegrity Errors:
===================================
Date: 2015-01-01 22:56:09.438
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-30 17:19:24.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-20 06:24:30.842
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-25 13:12:12.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-22 14:58:32.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-21 15:49:36.033
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-23 11:24:38.059
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-11 13:03:23.808
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-09 14:45:56.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-04 16:31:31.961
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210Y CPU @ 1.50GHz
Percentage of memory in use: 63%
Total physical RAM: 8072.27 MB
Available physical RAM: 2907.98 MB
Total Pagefile: 11272.27 MB
Available Pagefile: 5813.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:99.8 GB) (Free:19.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:4 GB) (Free:2.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 477E7D27)
Partition: GPT Partition Type.
==================== End Of Log ============================
Danke dir! |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
