| goldmichel | 27.03.2015 10:36 |
Hi, hatte einen dummen Fehler gemacht und FRST auf dem infizierten System heruntergeladen :nono:, wobei es manipuliert und somit unbrauchbar geworden war.
Mit sauberer Version vom Stick ist nun auch der normale Start von FRST möglich gewesen, hier nun die beiden Logfiles:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Michael Berger (administrator) on ATELIER on 27-03-2015 10:26:31
Running from H:\
Loaded Profiles: Michael Berger (Available profiles: Michael Berger & Atelier & Privat & ThinkBerger)
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Vtune\TBPANEL.exe
() C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Dropbox, Inc.) C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-22] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [362032 2009-11-12] (Acronis)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [SfWinStartInfo] => C:\Program Files (x86)\SFirm32\sfWinStartupInfo.exe [128392 2010-12-20] (SFirm Hannover)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5140960 2009-11-12] (Acronis)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-04-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\Run: [TBPanel] => C:\Program Files (x86)\Vtune\TBPanel.exe [2158592 2009-05-12] ()
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\Run: [S60 PC Suite Tray] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\MountPoints2: {2c374ba1-392e-11e2-93a1-002618ee5280} - G:\CREATE.EXE
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\MountPoints2: {30cef59e-bb2b-11e3-840b-002618ee5280} - G:\AutoRun.exe
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\MountPoints2: {729bab81-daf0-11e1-98ed-002618ee5280} - H:\AutoRun.exe
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\MountPoints2: {729bab8f-daf0-11e1-98ed-002618ee5280} - G:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Samsung.PCSync] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Michael Berger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{d20c5ee4-142a-11df-99fc-806e6f6e6963}\bootwiz\asrm.bin
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D030415-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000 -> {4427C4C2-9D10-4961-836A-09F3D9843298} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000 -> {DFDB09FF-4A85-4E3D-9D9B-D6D5D3A0BEAF} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-05] (Oracle Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll [2011-02-24] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\vd1soxoc.default-1426769121024
FF DefaultSearchEngine: Google Default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-04-14] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1869414140-2818596827-3927057037-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Michael Berger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2011-06-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2011-06-21] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\vd1soxoc.default-1426769121024\searchplugins\firefox-add-ons.xml [2015-03-20]
FF SearchPlugin: C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\vd1soxoc.default-1426769121024\searchplugins\google-default.xml [2015-03-20]
FF SearchPlugin: C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\vd1soxoc.default-1426769121024\searchplugins\googlemaps.xml [2015-03-20]
FF SearchPlugin: C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\vd1soxoc.default-1426769121024\searchplugins\googletranslate.xml [2015-03-20]
FF HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Michael Berger\AppData\Roaming\Mozilla\Firefox\Profiles\pxfb1wvj.default-1357663039478\extensions\cliqz@cliqz.com
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=d2170752000000000000002618ee5280"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll No File
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Plugin) - C:\Users\Michael Berger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Michael Berger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael Berger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Google Wallet) - C:\Users\Michael Berger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806192 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [142336 2010-04-12] (HP) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 nmwcdsacjx64; C:\Windows\System32\drivers\nmwcdsacjx64.sys [17408 2007-05-02] (Nokia)
S3 nmwcdsacx64; C:\Windows\System32\drivers\nmwcdsacx64.sys [12288 2007-05-02] (Nokia)
S3 nmwcdsax64; C:\Windows\System32\drivers\nmwcdsax64.sys [171008 2007-05-02] (Nokia)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2012-02-17] (Duplex Secure Ltd.)
S2 TBPanel; No ImagePath
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-02-16] (Acronis)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198784 2009-05-25] (Vimicro Corporation)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 10:15 - 2015-03-27 10:26 - 00000000 ____D () C:\FRST
2015-03-25 12:31 - 2015-03-25 12:31 - 00000020 _____ () C:\Users\Michael Berger\defogger_reenable
2015-03-25 10:49 - 2015-03-25 10:49 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 10:49 - 2015-03-25 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 10:49 - 2015-03-25 10:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 10:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-25 10:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-25 10:35 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-25 09:07 - 2015-03-25 19:01 - 00000000 ____D () C:\MalwareBytes
2015-03-24 17:38 - 2015-03-25 13:02 - 00000000 ____D () C:\AdwCleaner
2015-03-24 12:53 - 2015-03-24 12:53 - 00002211 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-24 12:53 - 2015-03-24 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-20 14:49 - 2015-03-20 14:49 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-20 14:49 - 2015-03-20 14:49 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-20 14:49 - 2015-03-20 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-19 11:52 - 2015-03-19 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-19 10:47 - 2015-03-20 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 14:51 - 2015-03-04 17:00 - 00000000 ____D () C:\Users\Michael Berger\AppData\Roaming\MyPhoneExplorer
2015-03-04 14:43 - 2015-03-04 14:43 - 00002021 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2015-03-04 14:43 - 2015-03-04 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-03-04 14:43 - 2015-03-04 14:43 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2015-03-04 14:42 - 2015-03-02 18:02 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-04 14:42 - 2015-03-02 18:02 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 10:23 - 2010-02-07 21:56 - 01641792 _____ () C:\Windows\WindowsUpdate.log
2015-03-27 10:20 - 2013-04-09 10:30 - 00000000 ___RD () C:\Users\Michael Berger\Dropbox
2015-03-27 10:20 - 2013-04-09 10:25 - 00000000 ____D () C:\Users\Michael Berger\AppData\Roaming\Dropbox
2015-03-27 10:19 - 2013-12-21 11:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 10:19 - 2010-02-11 09:34 - 01114505 _____ () C:\Windows\setupact.log
2015-03-27 10:19 - 2010-02-08 01:17 - 00000000 ____D () C:\ProgramData\SFirm32
2015-03-27 10:19 - 2010-02-08 01:17 - 00000000 ____D () C:\Program Files (x86)\SFirm32
2015-03-27 10:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 09:18 - 2013-12-21 11:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 09:17 - 2010-04-09 16:33 - 00000000 ____D () C:\Users\Michael Berger\Documents\Outlook-Dateien
2015-03-27 08:56 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 08:56 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 08:28 - 2012-06-27 09:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 08:26 - 2010-03-16 16:31 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A4615E0D-38EC-44B6-BA17-62D20A8D9AE7}
2015-03-26 09:51 - 2014-04-14 10:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 12:31 - 2010-02-07 22:05 - 00000000 ____D () C:\Users\Michael Berger
2015-03-25 11:45 - 2010-02-14 21:56 - 00163348 _____ () C:\Windows\PFRO.log
2015-03-25 09:16 - 2009-07-14 18:58 - 00656044 _____ () C:\Windows\system32\perfh007.dat
2015-03-25 09:16 - 2009-07-14 18:58 - 00130676 _____ () C:\Windows\system32\perfc007.dat
2015-03-25 09:16 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 12:52 - 2010-02-07 23:12 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-19 13:42 - 2014-08-28 09:28 - 00000000 ____D () C:\Users\Michael Berger\AppData\Local\Adobe
2015-03-19 12:19 - 2010-04-03 07:51 - 00000000 ____D () C:\Users\Michael Berger\AppData\Roaming\vlc
2015-03-19 11:52 - 2012-12-17 08:44 - 00002030 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-18 15:31 - 2010-02-24 08:40 - 00000000 ____D () C:\ProgramData\SFirm32_Datensicherungen
2015-03-18 15:07 - 2013-04-09 10:26 - 00000000 ____D () C:\Users\Michael Berger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-04 11:44 - 2013-05-19 16:52 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-04 11:44 - 2013-03-27 16:44 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-04 11:44 - 2013-03-27 16:44 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-02 12:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2010-02-17 01:37 - 2014-01-03 10:16 - 0000008 _____ () C:\Users\Michael Berger\AppData\Roaming\NMM-MetaData.db
2010-09-10 12:06 - 2010-09-10 12:06 - 0022089 _____ () C:\Users\Michael Berger\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
2010-03-01 12:00 - 2015-02-16 14:46 - 0051712 _____ () C:\Users\Michael Berger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-08 23:49 - 2014-10-08 23:49 - 0001315 _____ () C:\Users\Michael Berger\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Michael Berger\AppData\Local\Temp\AskSLib.dll
C:\Users\Michael Berger\AppData\Local\Temp\avgnt.exe
C:\Users\Michael Berger\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpguqo5w.dll
C:\Users\Michael Berger\AppData\Local\Temp\eps2dxf!.exe
C:\Users\Michael Berger\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Michael Berger\AppData\Local\Temp\htmlayout.dll
C:\Users\Michael Berger\AppData\Local\Temp\iebod-14.dll
C:\Users\Michael Berger\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Michael Berger\AppData\Local\Temp\lbn6ong1.dll
C:\Users\Michael Berger\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Michael Berger\AppData\Local\Temp\ose00001.exe
C:\Users\Michael Berger\AppData\Local\Temp\PicasaUpdater_2d38.exe
C:\Users\Michael Berger\AppData\Local\Temp\Quarantine.exe
C:\Users\Michael Berger\AppData\Local\Temp\SFRESTART.EXE
C:\Users\Michael Berger\AppData\Local\Temp\sfshowmsg.exe
C:\Users\Michael Berger\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Michael Berger\AppData\Local\Temp\SpOrder.dll
C:\Users\Michael Berger\AppData\Local\Temp\sqlite3.dll
C:\Users\Michael Berger\AppData\Local\Temp\toolbar30991673.exe
C:\Users\Michael Berger\AppData\Local\Temp\uninstall31142448.exe
C:\Users\Michael Berger\AppData\Local\Temp\unwise.exe
C:\Users\Michael Berger\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Michael Berger\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Michael Berger\AppData\Local\Temp\vlc-2.1.5-win32.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe
[2011-04-27 08:27] - [2011-02-26 06:33] - 2614784 ____A (Microsoft Corporation) 50133485D97CD7A62BE065FE0DBD8974
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-25 12:19
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Michael Berger at 2015-03-27 10:27:19
Running from H:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1-Klick Duplikate Löschen für Dateien 1.xx (HKLM-x32\...\{320EF722-A623-4B6A-B41D-400557241820}_is1) (Version: - ITSTH)
1-Klick Duplikate Löschen für Outlook 3.12 (HKLM-x32\...\{CD423CE9-404E-4B5B-86CF-34AE8E01402D}_is1) (Version: 3.12 - ITSTH)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.6053 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Illustrator 10 (HKLM-x32\...\{412033BC-44CF-48D9-B813-4B835101F4D3}) (Version: 10 - Adobe Systems, Inc.)
Adobe InDesign CS4 (HKLM-x32\...\Adobe_1710d324011afc3e7658e969025f4ba) (Version: 6.0 - Adobe Systems Incorporated)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Apple Mobile Device Support (HKLM\...\{8F473675-D702-45F9-8EBC-342B40C17BF5}) (Version: 3.4.0.25 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH)
Bridge Builder (HKLM-x32\...\Bridge Builder) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - )
Canon MG5200 series Benutzerregistrierung (HKLM-x32\...\Canon MG5200 series Benutzerregistrierung) (Version: - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.28 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CONRAD USB Webcam (HKLM-x32\...\{038E236D-6305-4EFC-8744-81003568DD1A}) (Version: 2009.10.22_cornad_vc0342 - Vimicro)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
Deutsche Post Einlieferungslisten (HKLM-x32\...\{FBD3DDF9-38BD-4BBC-A135-A5F0DD7BA634}) (Version: - )
DirComp (HKLM-x32\...\{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}) (Version: 2.06.0000 - Wolfgang Wirth)
Dir-It! (HKLM-x32\...\{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}) (Version: 4.00.0000 - Wirth New Media Sarl)
Dropbox (HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Easy Poster Printer (HKLM-x32\...\{1B5979B5-FE79-405A-A023-592DCE48C522}) (Version: 6.0.0 - GD Software)
Easy2Sync für Dateien 1.xx (HKLM-x32\...\{EF327022-B623-4B6A-C41D-411720425583}_is1) (Version: - ITSTH)
Easy2Sync für Outlook 4.02 (HKLM-x32\...\{EF702322-B623-4B6A-B41D-411725582043}_is1) (Version: - ITSTH)
EasyBCD 1.7.2 (HKLM-x32\...\EasyBCD) (Version: 1.7.2 - NeoSmart Technologies)
EasyFIT 1.1 (HKLM-x32\...\EasyFIT) (Version: 1.1 - FIT GmbH)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
EPS 2 DXF 1 (HKLM-x32\...\EPS 2 DXF 1) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Exif-Viewer 2.50 (HKLM-x32\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Free Mp3 Wma Converter V 1.9 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft)
Free Video Converter V 2.5 (HKLM-x32\...\Free Video Converter_is1) (Version: 2.5.0.0 - Koyote Soft)
Free Videos To DVD V 3.2.0 (HKLM-x32\...\Free Videos To DVD_is1) (Version: 3.2.0.0 - Koyote soft)
FreeFileSync 5.22 (HKLM-x32\...\FreeFileSync) (Version: 5.22 - Zenju)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{5CA74EDC-CFC3-4FA0-AED7-1415CA19F250}) (Version: 2.7.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version: - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0008 - HP)
hppCP1520LaserJetService (x32 Version: 001.007.00319 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.007.00397 - Hewlett-Packard) Hidden
hppTLBXFXCP1520 (x32 Version: 001.007.00647 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.007.00770 - Hewlett-Packard) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
iTunes (HKLM\...\{16DDB3D1-5C27-4599-9C63-E583287191CC}) (Version: 10.2.2.12 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LibreOffice 4.2.8.2 (HKLM-x32\...\{2D3234B2-FC7B-41CD-9FC8-4F9C2C20C131}) (Version: 4.2.8.2 - The Document Foundation)
Local Sync version 1.8.2.1 (HKLM-x32\...\Local Sync_is1) (Version: 1.8.2.1 - Ondřej Pšenčík)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MegaView 2012 (HKLM-x32\...\MegaView 2012) (Version: - Megatech Software GmbH)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.04.511 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C50EF365-2898-489A-B6C7-30DAA466E9A2}) (Version: 7.1.23.0 - Nokia)
Nokia Map Loader (HKLM-x32\...\{45D4F727-43B5-49CD-B474-B9866A8F4FB8}) (Version: 3.0.28 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (x32 Version: 7.1.40.6 - Nokia) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
Outlook Backup Assistant 7 (Testversion) (HKLM-x32\...\812A5AC8-50DA-43D8-B36E-30CDD7FCCAA1_is1) (Version: 7.0 - Priotecs IT GmbH)
PC Connectivity Solution (HKLM-x32\...\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}) (Version: 9.44.0.3 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
phonostar-Player Version 3.01.7 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PKH-fix 4.2 (HKLM-x32\...\ST6UNST #1) (Version: - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QNewsletter Version 2.8.0 (HKLM-x32\...\QNewsletter_is1) (Version: - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Registry System Wizard.NET (HKLM\...\{110ED870-1DF3-4574-A679-E2C4A8163211}_is1) (Version: 0.10.1219.3 - WinFAQ)
ReplyButler 4.06 (HKLM-x32\...\{CDC23CE9-404E-4B5B-86CF-34AE8E01702D}_is1) (Version: - ITSTH)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung PC Studio 7 (HKLM-x32\...\Samsung PC Studio 7) (Version: 7.2.20.9 - Samsung)
Samsung PC Studio 7 (x32 Version: 7.2.20.9 - Samsung) Hidden
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
SFirm (HKLM-x32\...\{888A6CDE-E161-492A-B94C-514E76C6A143}) (Version: 2.38.6.240.1 - SFirm Hannover)
SIW version 2010.03.10 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.03.10 - Topala Software Solutions)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SmartTools Publishing • Outlook Kontakte-Splitter (HKLM-x32\...\SmartToolsKontakte-Splitterv2.50) (Version: v2.50 - SmartTools Publishing)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Vimeo Uploader (HKLM-x32\...\vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1) (Version: 0.942 - UNKNOWN)
Vimeo Uploader (x32 Version: 0.255 - UNKNOWN) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vtune 7.5 (HKLM-x32\...\Vtune_is1) (Version: - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4) (HKLM\...\8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) (HKLM\...\05B59228C7E1C21DFBE89260F879BD95880548D8) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{743035C6-FA33-39DF-A741-34A81649705C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{E3DF3DC0-3869-3CF6-9638-ACE5BFCF8341}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{E444D266-68C3-4748-91FC-49A65C606776}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1869414140-2818596827-3927057037-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2010-03-18 21:31 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C7A2A67-4479-4D6E-8CAF-8342C7A61B8D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {18B7377C-F814-4517-8B47-5E75E84AF01F} - System32\Tasks\{C02DB76F-8DBA-45F8-ACE7-5B859F8F4FA1} => pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d "E:\Users\Michael Berger\Downloads\wcpool2010_1967k2tb\WCPool_2010_3D_S605th" -c "E:\Users\Michael Berger\Downloads\wcpool2010_1967k2tb\WCPool_2010_3D_S605th\WCPool_2010_3D_S605th.jar"
Task: {393A2181-B957-488E-9A82-0E2509767D81} - System32\Tasks\{FD2F6106-7A17-476A-A25E-A7DCD3EFFFDA} => pcalua.exe -a "E:\Users\Atelier\Downloads\Exif-Viewer Setup.exe" -d E:\Users\Atelier\Downloads
Task: {3B964049-0B2E-4D34-896A-239D7AA20318} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: {4A00550B-3A80-4955-AF42-BF957E3B7E1B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1869414140-2818596827-3927057037-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {61FA5C96-E625-492C-AA3E-502B8BB4A2CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {626C21E4-7BAF-4805-9E95-021FF5FF1DBA} - System32\Tasks\{7604C456-D25E-4C37-B4F5-0DA7862E32FB} => C:\Program Files (x86)\Adobe\Illustrator 10\Support Files\Contents\Windows\Illustrator.exe [2001-10-29] (Adobe Systems, Inc.)
Task: {871CB679-768B-4DBA-AE0E-04976E5E539D} - System32\Tasks\{F6B403E1-EC14-4D50-BEC3-6898FA2E9E58} => C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
Task: {87F14D33-5834-45D3-86C9-16F710A038D0} - System32\Tasks\{9EC45C91-FA45-4003-BB72-05DEE38771A8} => C:\Program Files (x86)\Microsoft Office\Office10\OUTLOOK.EXE
Task: {910CBB01-3E60-4F5B-8DBC-91B648E1EB70} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-05-02] (Hewlett Packard)
Task: {AD701EBD-609B-4757-91F4-5445DAE6FE2A} - System32\Tasks\{257E399E-C843-4B49-B4DC-047F866576FD} => C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrodist.exe
Task: {ADD25980-CD01-4817-BAF3-3951CD18F742} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B1DDB05D-0838-4941-A652-D4AD6A5147FC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1869414140-2818596827-3927057037-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {C98B900A-71CB-4119-97ED-F88A67CB1ADF} - System32\Tasks\{FB9ABD56-4A4D-43CA-9F66-85395E736FA6} => pcalua.exe -a "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\ApplicationInstaller.exe" -d "C:\Users\Michael Berger\Downloads" -c "C:\Users\Michael Berger\Downloads\farmfrenzy_ch7hpqw5.sis"
Task: {D1E6CE1A-9AB5-435C-8EBD-F7108FB83A94} - System32\Tasks\{B88A6681-D128-463E-B41C-18F7AF179C0E} => pcalua.exe -a "E:\Users\Michael Berger\Downloads\olsplit.exe" -d "E:\Users\Michael Berger\Downloads"
Task: {D3F7E478-F259-4A72-A00A-3180B1F55B71} - System32\Tasks\{08F311E6-0882-4882-9DDA-AB8AD93BF67A} => C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium_Download-Version\Videodeluxe.exe
Task: {D49F046C-5B46-4855-82C8-69F6511AED52} - System32\Tasks\{7267E1D3-5E92-4BBE-AE7D-DB946AAF32FF} => pcalua.exe -a "G:\VW222 driver\AsusSetup.exe" -d "G:\VW222 driver"
Task: {DBA9659C-4060-41DE-A7E6-AD47E6E7C9DF} - System32\Tasks\{A7BDF11C-68C7-4BAD-B1E2-688F564A8502} => C:\Program Files (x86)\Adobe\Illustrator 10\Support Files\Contents\Windows\Illustrator.exe [2001-10-29] (Adobe Systems, Inc.)
Task: {ECA309B9-1160-4B47-9E56-F86D06EA6224} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: {F6B60924-37F4-4DCA-A8DE-C25D20D8302F} - System32\Tasks\{51937C32-6A23-439C-A539-3431B58AD754} => pcalua.exe -a E:\Users\Atelier\Downloads\EasyFIT-Installer.exe -d E:\Users\Atelier\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1869414140-2818596827-3927057037-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
==================== Loaded Modules (whitelisted) ==============
2010-11-16 14:38 - 2010-11-16 14:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-04-03 13:29 - 2013-01-28 03:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2008-12-06 02:19 - 2008-12-06 02:19 - 00918016 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\phonebrowser64.dll
2009-05-16 00:20 - 2009-05-16 00:20 - 01103872 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM64_Samsung.dll
2001-12-31 23:10 - 2009-05-12 15:43 - 02158592 _____ () C:\Program Files (x86)\Vtune\TBPANEL.exe
2008-12-06 01:48 - 2008-12-06 01:48 - 00699392 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
2001-12-31 23:10 - 1998-10-31 04:55 - 00005120 _____ () C:\Program Files (x86)\Vtune\TBManage.dll
2008-12-05 16:15 - 2008-12-05 16:15 - 01581056 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtCore4.dll
2008-12-05 16:23 - 2008-12-05 16:23 - 06402048 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtGui4.dll
2008-12-05 16:15 - 2008-12-05 16:15 - 00356352 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtXml4.dll
2009-05-16 00:10 - 2009-05-16 00:10 - 00716800 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM.dll
2008-12-06 01:25 - 2008-12-06 01:25 - 00004608 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSL.dll
2008-12-06 01:50 - 2008-12-06 01:50 - 00713728 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\styles\NGLStyle.dll
2008-12-05 16:31 - 2008-12-05 16:31 - 00131072 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\imageformats\qjpeg4.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00750080 _____ () C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-27 10:20 - 2015-03-27 10:20 - 00043008 _____ () c:\Users\Michael Berger\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpguqo5w.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00047616 _____ () C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00865280 _____ () C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:07 - 2015-03-04 23:07 - 00200704 _____ () C:\Users\Michael Berger\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-04-16 10:29 - 2010-04-16 10:29 - 00119864 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
2015-03-24 12:53 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-24 12:53 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-24 12:53 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0DB6FB53
AlternateDataStreams: C:\ProgramData\TEMP:1FA4E6BA
AlternateDataStreams: C:\ProgramData\TEMP:31C3D68C
AlternateDataStreams: C:\ProgramData\TEMP:4FF9FD44
AlternateDataStreams: C:\ProgramData\TEMP:9FF7C773
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1869414140-2818596827-3927057037-1000\Control Panel\Desktop\\Wallpaper -> E:\Users\Michael Berger\Pictures\Picasa\Hintergründe\picasabackground.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1869414140-2818596827-3927057037-500 - Administrator - Disabled)
Atelier (S-1-5-21-1869414140-2818596827-3927057037-1001 - Limited - Enabled) => C:\Users\Atelier
Gast (S-1-5-21-1869414140-2818596827-3927057037-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1869414140-2818596827-3927057037-1004 - Limited - Enabled)
Michael Berger (S-1-5-21-1869414140-2818596827-3927057037-1000 - Administrator - Enabled) => C:\Users\Michael Berger
Privat (S-1-5-21-1869414140-2818596827-3927057037-1002 - Limited - Enabled) => C:\Users\Privat
ThinkBerger (S-1-5-21-1869414140-2818596827-3927057037-1005 - Administrator - Enabled) => C:\Users\ThinkBerger
==================== Faulty Device Manager Devices =============
Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/26/2015 01:01:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 6.0.6.622, Zeitstempel: 0x4caa28e2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5740cc49
ID des fehlerhaften Prozesses: 0x88c
Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0
Pfad der fehlerhaften Anwendung: InDesign.exe1
Pfad des fehlerhaften Moduls: InDesign.exe2
Berichtskennung: InDesign.exe3
Error: (03/26/2015 11:02:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/26/2015 11:02:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/26/2015 11:02:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error: (03/26/2015 11:01:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/26/2015 11:01:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (03/26/2015 11:01:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (03/25/2015 06:49:17 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (03/25/2015 05:32:11 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (03/25/2015 02:10:46 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
System errors:
=============
Error: (03/27/2015 10:19:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/27/2015 10:19:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.
Error: (03/27/2015 10:19:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/27/2015 10:19:30 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\adfs.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (03/27/2015 10:19:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TBPanel" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/27/2015 08:23:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/27/2015 08:23:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.
Error: (03/27/2015 08:23:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/27/2015 08:23:27 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\adfs.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (03/27/2015 08:23:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TBPanel" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (03/26/2015 01:01:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: InDesign.exe6.0.6.6224caa28e2unknown0.0.0.000000000c00000055740cc4988c01d067b44831fd97C:\Program Files (x86)\Adobe\Adobe InDesign CS4\InDesign.exeunknowndfe84421-d3af-11e4-b083-002618ee5280
Error: (03/26/2015 11:02:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (03/26/2015 11:02:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Samsung\Samsung PC Studio 7\TIS_VistaPIM.dll
Error: (03/26/2015 11:02:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestc:\program files (x86)\phonostar-player\phonostar.exe
Error: (03/26/2015 11:01:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (03/26/2015 11:01:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (03/26/2015 11:01:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (03/25/2015 06:49:17 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: E:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exeE:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exe0
Error: (03/25/2015 05:32:11 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: E:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exeE:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exe0
Error: (03/25/2015 02:10:46 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: E:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exeE:\Users\Michael Berger\Downloads\EmsisoftEmergencyKit.exe0
CodeIntegrity Errors:
===================================
Date: 2010-08-11 15:57:09.649
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-08-11 15:37:26.608
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-06-08 11:13:37.644
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\spsys.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2010-04-08 20:08:17.704
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\MICHAE~1\AppData\Local\Temp\TII14AB.tmp\disk1\BIOSCHK.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2010-04-08 20:08:17.704
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\MICHAE~1\AppData\Local\Temp\TII14AB.tmp\disk1\BIOSCHK.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 41%
Total physical RAM: 4095.24 MB
Available physical RAM: 2397.09 MB
Total Pagefile: 8188.63 MB
Available Pagefile: 6078.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:2.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:100.1 GB) (Free:66.17 GB) NTFS
Drive e: () (Fixed) (Total:265.56 GB) (Free:2.55 GB) NTFS
Drive h: () (Removable) (Total:3.73 GB) (Free:3.66 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BAE3EF02)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=265.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
