| Misfit#1 | 18.04.2015 12:12 |
Gerne. Hier W7 64bit
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by NN (administrator) on I3 on 18-04-2015 12:55:41
Running from C:\Users\NN\Desktop
Loaded Profiles: NN (Available profiles: NN)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Dropbox, Inc.) C:\Users\NN\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Mozilla Corporation) C:\Program Files\Firefox Developer Edition\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files\Firefox Developer Edition\plugin-container.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-03-25] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\MountPoints2: {4f875e64-ce4e-11e4-b190-e03f498397fc} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Vertriebsportal.exe
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\MountPoints2: {d551186e-9c17-11e4-b85e-915197496b56} - F:\pushinst.exe
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\MountPoints2: {d6844535-9c1b-11e4-99a1-c22db5732756} - F:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\Users\NN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\NN\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\NN\AppData\Roaming\Mozilla\Firefox\Profiles\t5wetv4i.default-1424854607948
FF Homepage: https://www.mozilla.org/de/|hxxp://www.tecchannel.de/pc_mobile/tipps/2040364/internet_explorer_10_unter_windows_7_deinstallieren/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\NN\AppData\Roaming\Mozilla\Firefox\Profiles\t5wetv4i.default-1424854607948\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-08]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Firefox Developer Edition\firefox.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 arusb_lhx; C:\Windows\System32\DRIVERS\arusb_lhx.sys [539136 2008-07-24] (Atheros Communications, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 12:55 - 2015-04-18 12:55 - 00000000 ____D () C:\Users\NN\Desktop\FRST-OlderVersion
2015-04-17 16:23 - 2015-04-17 16:23 - 00000000 ____D () C:\Program Files\Firefox Developer Edition
2015-04-16 22:43 - 2015-04-16 22:43 - 00264846 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_16.04.15_2243.export
2015-04-16 21:19 - 2015-04-16 21:19 - 00012231 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_16.04.15_2119.xml
2015-04-16 21:19 - 2015-04-16 21:19 - 00010251 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_Volkers Telephonbuch_16.04.15_2119.xml
2015-04-16 21:18 - 2015-04-16 21:18 - 00609001 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_16.04.15_2118.export
2015-04-16 21:07 - 2015-04-16 21:07 - 00000630 _____ () C:\Windows\PFRO.log
2015-04-16 20:22 - 2015-04-16 20:22 - 01203488 _____ () C:\Users\NN\Downloads\Firefox 39 Developer Edition 64 Bit - CHIP-Installer.exe
2015-04-16 20:22 - 2015-04-16 20:22 - 00002069 _____ () C:\Users\NN\Desktop\Firefox 39 Developer Edition (64 Bit) - CHIP Downloader.lnk
2015-04-16 12:40 - 2015-04-16 12:40 - 00001268 _____ () C:\Users\NN\Desktop\Revo Uninstaller.lnk
2015-04-16 12:40 - 2015-04-16 12:40 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-16 12:39 - 2015-04-16 12:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\NN\Downloads\revosetup.exe
2015-04-15 16:00 - 2015-04-15 16:01 - 00607936 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_15.04.15_1600.export
2015-04-15 15:05 - 2015-04-15 15:05 - 00011961 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_15.04.15_1505.xml
2015-04-15 15:05 - 2015-04-15 15:05 - 00010230 _____ () C:\Users\NN\Downloads\FRITZ.Box_Telefonbuch_Volkers Telephonbuch_15.04.15_1505.xml
2015-04-15 15:00 - 2015-04-15 15:00 - 00610272 _____ () C:\Users\NN\Downloads\FRITZ.Box Fon WLAN 7270 v3 (UI) 74.06.05_15.04.15_1500.export
2015-04-15 14:01 - 2015-04-15 14:01 - 00000618 _____ () C:\Users\NN\Desktop\JRT.txt
2015-04-15 13:57 - 2015-04-15 13:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-I3-Windows-7-Ultimate-(64-bit).dat
2015-04-15 13:57 - 2015-04-15 13:57 - 00000000 ____D () C:\RegBackup
2015-04-15 13:49 - 2015-04-15 13:49 - 02347384 _____ (ESET) C:\Users\NN\Desktop\esetsmartinstaller_deu.exe
2015-04-15 13:48 - 2015-04-15 13:48 - 02687136 _____ (Thisisu) C:\Users\NN\Desktop\JRT.exe
2015-04-15 13:30 - 2015-04-15 13:30 - 00001206 _____ () C:\Users\NN\Desktop\Malwarescan.txt
2015-04-15 12:54 - 2015-04-15 12:54 - 00031777 _____ () C:\Users\NN\Desktop\Addition.txt
2015-04-15 12:53 - 2015-04-18 12:55 - 00013531 _____ () C:\Users\NN\Desktop\FRST.txt
2015-04-15 12:52 - 2015-04-15 12:52 - 00000466 _____ () C:\Users\NN\Desktop\defogger_disable.log
2015-04-09 18:41 - 2015-04-09 18:41 - 00000000 ____D () C:\Users\NN\Downloads\Install_Power_Commander_5_v1.0.6.4
2015-04-09 18:38 - 2015-04-09 18:38 - 00000000 ____D () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu
2015-04-09 18:33 - 2015-04-09 18:33 - 00224219 _____ () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu.zip
2015-04-09 18:24 - 2015-04-09 18:24 - 00122182 _____ (Dynojet Research, Inc.) C:\Users\NN\Downloads\M12-001-all.exe
2015-04-09 15:27 - 2015-04-09 15:27 - 00097637 _____ (Oleg N. Scherbakov) C:\Users\NN\Downloads\m12-002-All(1).exe
2015-04-09 14:54 - 2015-04-18 12:40 - 00001176 _____ () C:\Windows\setupact.log
2015-04-09 14:54 - 2015-04-09 14:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-09 14:50 - 2015-04-09 18:42 - 00001032 _____ () C:\Users\Public\Desktop\Power Commander 5.lnk
2015-04-09 14:50 - 2015-04-09 18:42 - 00000000 ____D () C:\Program Files (x86)\Power Commander 5
2015-04-09 12:07 - 2015-04-18 12:55 - 02098176 _____ (Farbar) C:\Users\NN\Desktop\FRST64.exe
2015-04-09 12:07 - 2015-04-09 12:06 - 00380416 _____ () C:\Users\NN\Desktop\Gmer-19357.exe
2015-04-09 12:07 - 2015-04-09 11:25 - 00050477 _____ () C:\Users\NN\Desktop\Defogger.exe
2015-04-09 12:07 - 2015-04-09 11:21 - 02217984 _____ () C:\Users\NN\Desktop\adwcleaner_4.201.exe
2015-04-09 12:06 - 2015-04-09 12:06 - 00380416 _____ () C:\Users\NN\Downloads\Gmer-19357.exe
2015-04-09 11:26 - 2015-04-09 11:26 - 00000466 _____ () C:\Users\NN\Downloads\defogger_disable.log
2015-04-09 11:25 - 2015-04-09 11:26 - 00028764 _____ () C:\Users\NN\Downloads\Addition.txt
2015-04-09 11:25 - 2015-04-09 11:26 - 00023700 _____ () C:\Users\NN\Downloads\FRST.txt
2015-04-09 11:25 - 2015-04-09 11:25 - 02095616 _____ (Farbar) C:\Users\NN\Downloads\FRST64.exe
2015-04-09 11:25 - 2015-04-09 11:25 - 00050477 _____ () C:\Users\NN\Downloads\Defogger.exe
2015-04-08 12:06 - 2015-04-08 12:06 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-08 11:41 - 2015-04-08 11:41 - 00000000 ____D () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu(1)
2015-03-27 18:29 - 2015-03-27 18:29 - 00224219 _____ () C:\Users\NN\Downloads\PC5Moto v0.1.10.6.pvu(1).zip
2015-03-27 18:21 - 2015-04-09 18:42 - 00000000 ____D () C:\Users\NN\Documents\Power Commander 5
2015-03-27 18:20 - 2015-03-27 18:20 - 00097637 _____ (Oleg N. Scherbakov) C:\Users\NN\Downloads\m12-002-All.exe
2015-03-27 17:59 - 2015-04-09 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Commander 5
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-19 22:43 - 2015-03-19 22:43 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2015-03-19 19:52 - 2015-04-08 11:10 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-19 19:33 - 2015-03-19 19:37 - 182341048 _____ (AVG Technologies) C:\Users\NN\Downloads\avg_free_x645856_all_2015_ltst_221.exe
2015-03-19 18:36 - 2015-03-19 18:36 - 00000000 ____D () C:\Users\NN\AppData\Local\CrashRpt
2015-03-19 18:36 - 2015-03-19 18:36 - 00000000 ____D () C:\ProgramData\AVG
2015-03-19 18:33 - 2015-04-18 12:44 - 00117679 _____ () C:\Windows\WindowsUpdate.log
2015-03-19 18:14 - 2015-03-19 22:39 - 00000383 _____ () C:\DelFix.txt
2015-03-19 18:14 - 2015-03-19 18:14 - 00000000 ____D () C:\Windows\ERUNT
2015-03-19 18:04 - 2015-03-27 18:50 - 00000000 ____D () C:\Windows\Minidump
2015-03-19 17:58 - 2015-03-19 17:58 - 00000000 ____D () C:\rsit
2015-03-19 17:58 - 2015-03-19 17:58 - 00000000 ____D () C:\Program Files (x86)\trend micro
2015-03-19 17:50 - 2015-04-18 12:55 - 00000000 ____D () C:\FRST
2015-03-19 17:46 - 2015-04-08 17:04 - 00000000 ____D () C:\Malware
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 12:51 - 2015-01-28 19:45 - 00000000 ____D () C:\Program Files (x86)\DVAG Online-System
2015-04-18 12:48 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:48 - 2009-07-14 06:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:46 - 2015-01-16 14:52 - 00003894 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1404E68D-D479-427F-85CC-B75727716C99}
2015-04-18 12:45 - 2015-01-15 18:14 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-18 12:43 - 2015-02-09 14:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 12:43 - 2015-01-15 18:44 - 00000000 ___RD () C:\Users\NN\Dropbox
2015-04-18 12:41 - 2015-01-15 18:39 - 00000000 ____D () C:\Users\NN\AppData\Roaming\Dropbox
2015-04-18 12:40 - 2015-01-30 12:26 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-04-18 12:40 - 2015-01-16 15:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 12:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 14:56 - 2015-01-14 20:47 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-17 14:55 - 2015-01-14 20:47 - 00000000 ____D () C:\Users\NN\AppData\Local\Google
2015-04-17 08:05 - 2015-02-25 10:12 - 00000000 ____D () C:\Users\NN\Desktop\Alte Firefox-Daten
2015-04-16 22:36 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-16 19:58 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-15 13:27 - 2015-02-23 14:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 13:07 - 2015-02-23 15:29 - 00000000 ____D () C:\AdwCleaner
2015-04-15 11:43 - 2015-02-09 14:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 11:43 - 2015-02-09 14:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 11:43 - 2015-02-09 14:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 09:53 - 2015-01-15 18:41 - 00000000 ____D () C:\Users\NN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 10:24 - 2009-07-14 19:58 - 00821220 _____ () C:\Windows\system32\perfh007.dat
2015-04-09 10:24 - 2009-07-14 19:58 - 00190336 _____ () C:\Windows\system32\perfc007.dat
2015-04-09 10:24 - 2009-07-14 07:13 - 01921648 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 17:09 - 2015-01-15 16:45 - 00001346 _____ () C:\Users\NN\Desktop\AUS.lnk
2015-04-08 13:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-08 12:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-04-08 11:24 - 2015-02-24 16:22 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-08 11:24 - 2015-02-24 16:22 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-08 11:10 - 2015-02-03 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-27 18:37 - 2015-01-14 20:04 - 00000000 ____D () C:\Users\NN\AppData\Local\VirtualStore
2015-03-19 20:16 - 2015-01-28 19:48 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-19 20:15 - 2015-02-23 22:18 - 00000000 ____D () C:\Program Files (x86)\7a0a8602-d927-415e-a813-0db6c69aa6a4
2015-03-19 18:40 - 2015-01-16 16:28 - 00000000 ____D () C:\Users\NN\AppData\Local\Adobe
2015-03-19 18:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-19 18:04 - 2009-07-14 07:08 - 00032570 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\NN\AppData\Roaming\UZKBXKDL
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Users\NN\AppData\Roaming\ZXW
2015-02-20 19:29 - 2015-02-20 19:29 - 0007605 _____ () C:\Users\NN\AppData\Local\Resmon.ResmonCfg
2015-01-14 20:29 - 2015-01-14 20:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\NN\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681tp3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 11:19
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015 01
Ran by NN at 2015-04-18 12:56:58
Running from C:\Users\NN\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Firefox Developer Edition 39.0a2 (x64 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x64 de)) (Version: 39.0a2 - Mozilla)
FixFoto 3.50 X64 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garmin BaseCamp (HKLM-x32\...\{31A67F6C-D79D-47B9-9F0B-13C0FCF3C3A8}) (Version: 4.4.6 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2015.20 (HKLM-x32\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapInstall (HKLM-x32\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin VIRB Edit (HKLM-x32\...\{7FE515DE-36C8-4948-9786-496CE891BBFB}) (Version: 2.9.1 - Garmin Ltd or its subsidiaries)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a2 - Mozilla)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
TL-WN821N-Drahtlos-Tool (HKLM-x32\...\{E74A1D67-FFFE-4A15-9287-50B3C0465454}) (Version: 7.0 - TP-LINK)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
version 1.0.3.1 (HKLM-x32\...\{021AC692-8CAC-43B3-8A10-EC6DEC3F9333}_is1) (Version: - Dynojet Research Inc.)
version 1.0.6.4 (HKLM-x32\...\{A877D2BD-19D7-443E-95FD-DA0A8ECB88FA}_is1) (Version: - Dynojet Research Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2645552766-4084710074-1429449726-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NN\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
08-04-2015 13:44:20 Geplanter Prüfpunkt
16-04-2015 13:33:41 Geplanter Prüfpunkt
17-04-2015 14:53:50 Revo Uninstaller's restore point - Google Chrome
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-07 23:13 - 2014-09-07 23:13 - 00000888 ____A C:\Windows\system32\Drivers\etc\hosts
109.120.169.64 albert.apple.com.
109.120.169.64 gs.apple.com.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E4C1969-E83E-475D-9671-7F042508DEAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {24B57C20-65D4-4EA2-A5BC-580FDDC64E69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {764F2688-666A-4D77-9BB6-3E0CF4D8B0D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {A7C59E88-7D75-4EC5-A3D2-FDF5D3748AF6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {AB71F702-52C4-428B-A733-29AF031251EF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B8D181FA-0C52-46C3-B915-A3D7313B7241} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Loaded Modules (whitelisted) ==============
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-14 20:48 - 2013-05-07 09:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-04-15 11:43 - 2015-04-15 11:43 - 23071408 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
2015-01-14 20:48 - 2015-04-18 12:40 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-01-14 20:48 - 2013-05-07 09:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-18 12:40 - 2015-04-18 12:40 - 00043008 _____ () c:\users\nn\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681tp3.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\NN\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:A5B56640
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2645552766-4084710074-1429449726-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-2645552766-4084710074-1429449726-500 - Administrator - Disabled)
Gast (S-1-5-21-2645552766-4084710074-1429449726-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2645552766-4084710074-1429449726-1002 - Limited - Enabled)
NN (S-1-5-21-2645552766-4084710074-1429449726-1000 - Administrator - Enabled) => C:\Users\NN
==================== Faulty Device Manager Devices =============
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/16/2015 10:21:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/16/2015 01:28:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/15/2015 03:23:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/15/2015 02:38:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/15/2015 02:02:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (04/18/2015 00:40:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (04/18/2015 00:40:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/18/2015 00:40:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht.
Error: (04/17/2015 03:13:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (04/17/2015 03:13:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/17/2015 03:13:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.
Error: (04/17/2015 03:12:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/17/2015 03:12:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht.
Error: (04/17/2015 08:08:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (04/17/2015 08:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (04/16/2015 10:21:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe
Error: (04/16/2015 01:28:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (04/15/2015 03:23:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe
Error: (04/15/2015 02:38:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (04/15/2015 02:02:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe
Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe
Error: (04/15/2015 02:01:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\NN\Desktop\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3966.24 MB
Available physical RAM: 1059.61 MB
Total Pagefile: 7930.66 MB
Available Pagefile: 3249.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.39 GB) (Free:59.41 GB) NTFS
Drive d: () (Fixed) (Total:319.28 GB) (Free:319.14 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D4E5D4E5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Vom W7 32bit hatte ich zum Anfang bereits einmal gepostet.
Chrome habe ich bei beiden Systemen entfernt, FF Developer bei beiden neu installiert. Und dabei ploppen die Tabs auch nicht mehr auf. Nur noch beim IE und beim FF 37.0.1
Hier die Files vom W7 32bit System
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2015 01
Ran by VB (administrator) on THINKPAD_X61 on 18-04-2015 12:59:07
Running from C:\Users\VB\Desktop
Loaded Profiles: VB (Available profiles: VB)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files\Join Air\AssistantServices.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\Join Air\UIExec.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Fred's Software) C:\Program Files\PrintKey2000\Printkey2000.exe
(Dropbox, Inc.) C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe
(telegate MEDIA AG) C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files\Firefox Developer Edition\firefox.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TrackPointSrv] => C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [95264 2011-11-01] (Lenovo Group Limited)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [338216 2013-06-20] (Lenovo.)
HKLM\...\Run: [UIExec] => C:\Program Files\Join Air\UIExec.exe [138072 2010-04-27] ()
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {09af47db-ac51-11e4-a974-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Vertriebsportal.exe
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {5d7880e2-f505-11e2-9c5b-001d729afb15} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Vertriebsportal.exe
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\MountPoints2: {8f3eb0a2-b334-11e3-add6-001d729afb15} - Explorer.exe UserGuild.htm
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-23] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
ShortcutTarget: Printkey2000.lnk -> C:\Program Files\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\klickTel OEM Herbst 2012 - Schnellstarter.lnk
ShortcutTarget: klickTel OEM Herbst 2012 - Schnellstarter.lnk -> C:\Program Files\klickTel\klickTel OEM Herbst 2012\kstart32.exe (telegate MEDIA AG)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\VB\AppData\Roaming\Mozilla\Firefox\Profiles\zwl4nuwt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (YouTube) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Google Search) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\VB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo Group Limited)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664808 2013-06-26] (Lenovo Group Limited)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [49136 2015-03-27] ()
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (Lenovo Group Limited)
R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [247152 2010-04-27] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.)
R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [24872 2011-11-01] (Lenovo Group Limited)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 12:57 - 2015-04-18 12:57 - 00000000 ____D () C:\Users\VB\Desktop\FRST-OlderVersion
2015-04-18 12:40 - 2015-04-18 12:40 - 00000326 _____ () C:\Windows\PFRO.log
2015-04-18 12:40 - 2015-04-18 12:40 - 00000056 _____ () C:\Windows\setupact.log
2015-04-18 12:40 - 2015-04-18 12:40 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-17 20:36 - 2015-04-17 20:36 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2015-04-17 20:36 - 2015-04-17 20:36 - 00001184 _____ () C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2015-04-17 20:36 - 2015-04-17 20:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-17 20:36 - 2015-04-17 20:36 - 00000000 ____D () C:\Program Files\Firefox Developer Edition
2015-04-17 18:38 - 2015-04-17 18:38 - 00001321 _____ () C:\Users\VB\Desktop\JRT.txt
2015-04-17 17:18 - 2015-04-17 17:18 - 40510536 _____ () C:\Users\VB\Downloads\firefox-39.0a2.de.win32.installer.exe
2015-04-17 15:47 - 2015-04-17 15:47 - 40676944 _____ () C:\Users\VB\Downloads\Firefox Setup 37.0.1.exe
2015-04-17 14:18 - 2015-04-17 14:18 - 00001231 _____ () C:\Users\VB\Desktop\Revo Uninstaller.lnk
2015-04-17 14:18 - 2015-04-17 14:18 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-04-17 14:17 - 2015-04-17 14:17 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VB\Downloads\revosetup95.exe
2015-04-17 08:31 - 2015-04-17 08:56 - 393494439 _____ () C:\Users\VB\Downloads\DVAG_Online-System_Vers.7.4.0.exe
2015-04-15 15:10 - 2015-04-15 15:10 - 00001213 _____ () C:\Users\VB\Desktop\Malwarebytes.txt
2015-04-15 14:28 - 2015-04-15 14:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 14:27 - 2015-04-15 14:27 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-15 14:27 - 2015-04-15 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-15 14:27 - 2015-04-15 14:27 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-15 14:27 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-15 14:27 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-15 14:27 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-15 14:24 - 2015-04-15 14:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\VB\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-15 14:17 - 2015-04-18 12:56 - 00000466 _____ () C:\Users\VB\Desktop\defogger_disable.log
2015-04-15 13:34 - 2015-04-17 18:14 - 02686254 _____ (Thisisu) C:\Users\VB\Desktop\JRT.exe
2015-04-13 17:57 - 2015-04-13 17:57 - 00000000 ____D () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4
2015-04-13 17:55 - 2015-04-13 17:56 - 11938322 _____ () C:\Users\VB\Downloads\Install_Power_Commander_5_v1.0.6.4.zip
2015-04-13 17:49 - 2015-04-13 17:50 - 02347384 _____ (ESET) C:\Users\VB\Downloads\esetsmartinstaller_deu(1).exe
2015-04-09 11:56 - 2015-04-17 19:09 - 00033207 _____ () C:\Users\VB\Desktop\Addition.txt
2015-04-09 11:54 - 2015-04-18 12:59 - 00017643 _____ () C:\Users\VB\Desktop\FRST.txt
2015-04-09 11:50 - 2015-04-18 12:57 - 01137664 _____ (Farbar) C:\Users\VB\Desktop\FRST.exe
2015-04-09 11:50 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Desktop\Gmer-19357(1).exe
2015-04-09 11:50 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Desktop\Defogger.exe
2015-04-09 11:50 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Desktop\OTL.exe
2015-04-09 11:41 - 2015-04-15 13:16 - 00038895 _____ () C:\Users\VB\Desktop\gmer.log
2015-04-09 11:41 - 2015-04-09 11:54 - 00010610 _____ () C:\Users\VB\Desktop\gmer1.log
2015-04-09 10:57 - 2015-04-09 10:57 - 00380416 _____ () C:\Users\VB\Downloads\Gmer-19357(1).exe
2015-04-09 10:50 - 2015-04-09 10:52 - 00026765 _____ () C:\Users\VB\Downloads\Addition.txt
2015-04-09 10:49 - 2015-04-09 10:52 - 00039697 _____ () C:\Users\VB\Downloads\FRST.txt
2015-04-09 10:47 - 2015-04-18 12:59 - 00000000 ____D () C:\FRST
2015-04-09 10:46 - 2015-04-09 10:46 - 01135104 _____ (Farbar) C:\Users\VB\Downloads\FRST.exe
2015-04-09 10:45 - 2015-04-09 10:46 - 00000466 _____ () C:\Users\VB\Downloads\defogger_disable.log
2015-04-09 10:45 - 2015-04-09 10:45 - 00000000 _____ () C:\Users\VB\defogger_reenable
2015-04-09 10:43 - 2015-04-09 10:43 - 00050477 _____ () C:\Users\VB\Downloads\Defogger.exe
2015-04-08 17:02 - 2015-04-08 17:02 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THINKPAD_X61-Windows-7-Ultimate-(32-bit).dat
2015-04-08 17:02 - 2015-04-08 17:02 - 00000000 ____D () C:\RegBackup
2015-04-08 15:33 - 2015-04-08 15:34 - 05344528 _____ (Piriform Ltd) C:\Users\VB\Downloads\ccsetup504.exe
2015-03-25 11:23 - 2015-03-25 11:23 - 00224736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-03-20 13:11 - 2015-03-20 13:11 - 00817286 _____ () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner.zip
2015-03-20 13:11 - 2015-03-20 13:11 - 00000000 ____D () C:\Users\VB\Downloads\Betrieblicher_Vorsorgerechner
2015-03-20 08:44 - 2015-03-20 08:44 - 16342352 _____ (Geek Software GmbH ) C:\Users\VB\Downloads\pdf24-creator-6.9.2.exe
2015-03-20 08:17 - 2015-03-20 08:17 - 00000000 ____D () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run
2015-03-20 07:59 - 2015-03-20 07:59 - 00000000 ____D () C:\Users\VB\AppData\Local\MetaGeek,_LLC
2015-03-20 07:55 - 2015-03-20 07:55 - 04767744 _____ () C:\Users\VB\Downloads\inSSIDer31-installer.msi
2015-03-20 07:54 - 2015-03-20 07:54 - 00211231 _____ () C:\Users\VB\Downloads\MicrosoftFixit.malware.Run.zip
2015-03-20 07:50 - 2015-03-20 07:51 - 34670726 _____ () C:\Users\VB\Downloads\torbrowser-install-4.0.4_de.exe
2015-03-20 07:48 - 2015-03-20 07:48 - 01319328 _____ (File Repair ) C:\Users\VB\Downloads\file-repair-setup.exe
2015-03-20 07:45 - 2015-03-20 07:45 - 04954736 _____ (Microsoft Corporation) C:\Users\VB\Downloads\WindowsSetupBox.exe
2015-03-20 07:29 - 2015-03-20 07:29 - 00602112 _____ (OldTimer Tools) C:\Users\VB\Downloads\OTL.exe
2015-03-20 07:22 - 2015-03-20 07:23 - 00000565 _____ () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2015-03-20 00:36 - 2015-03-20 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-20 00:34 - 2015-03-20 00:36 - 00000000 ____D () C:\Program Files\QuickTime
2015-03-19 23:10 - 2015-03-19 23:10 - 05490752 _____ (Secunia) C:\Users\VB\Downloads\PSISetup10004.exe
2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Users\VB\AppData\Local\Secunia PSI
2015-03-19 23:10 - 2015-03-19 23:10 - 00000000 ____D () C:\Program Files\Secunia
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 12:50 - 2013-07-22 21:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-18 12:47 - 2013-07-22 14:18 - 01868406 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 12:46 - 2015-01-19 16:53 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-18 12:46 - 2013-07-22 23:59 - 00000000 ___RD () C:\Dropbox
2015-04-18 12:46 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:46 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:42 - 2013-07-23 07:31 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Dropbox
2015-04-18 12:41 - 2014-04-14 12:37 - 00000000 ____D () C:\Program Files\StarMoney 9.0
2015-04-18 12:40 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 20:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-04-17 19:07 - 2015-01-23 18:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-17 08:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 20:10 - 2013-07-22 20:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-16 20:10 - 2013-07-22 20:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-15 10:10 - 2013-07-23 07:33 - 00000000 ____D () C:\Users\VB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 12:48 - 2010-02-09 21:56 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 10:45 - 2013-07-22 14:31 - 00000000 ____D () C:\Users\VB
2015-04-09 10:28 - 2015-01-19 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-09 10:24 - 2013-07-22 21:37 - 00001554 _____ () C:\Users\VB\Desktop\A U S.lnk
2015-04-08 15:34 - 2013-07-22 20:19 - 00000974 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-08 15:34 - 2013-07-22 20:19 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-08 14:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-08 11:43 - 2013-07-22 22:14 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-08 11:42 - 2013-07-22 20:24 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-04-08 11:41 - 2013-07-22 20:22 - 00000000 ____D () C:\Program Files\Lenovo
2015-03-19 23:06 - 2014-08-15 10:27 - 00000000 ____D () C:\Windows\rescache
2015-03-19 22:26 - 2014-08-20 13:59 - 00000000 ____D () C:\Users\VB\AppData\Local\Adobe
==================== Files in the root of some directories =======
2013-08-19 07:44 - 2013-09-24 08:46 - 0007596 _____ () C:\Users\VB\AppData\Local\resmon.resmoncfg
2013-07-22 15:39 - 2013-07-22 15:39 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\VB\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_vist6.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 10:32
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-04-2015 01
Ran by VB at 2015-04-18 13:00:41
Running from C:\Users\VB\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM\...\Canon MX920 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (Version: 5.5.708 - Avery) Hidden
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Elevated Installer (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - )
Firefox Developer Edition 39.0a2 (x86 de) (HKLM\...\Firefox Developer Edition 39.0a2 (x86 de)) (Version: 39.0a2 - Mozilla)
FixFoto 3.30 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Garmin BaseCamp (HKLM\...\{7C69F731-6471-48FE-899B-1C40F80042C7}) (Version: 4.4.2 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2015.20 (HKLM\...\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapInstall (HKLM\...\{F0D44E64-51EE-4888-A1FD-F13108B75A43}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin VIRB Edit (HKLM\...\{0CCE02C9-1020-46D8-AD46-B138CC379958}) (Version: 2.6.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
Keyman Package - GreekClassical (HKLM\...\Keyman Package GreekClassical) (Version: - )
klickTel OEM Herbst 2012 (HKLM\...\{3BE928ED-DFAD-4AE2-9EE2-FD635612866B}) (Version: 1.00.0000 - telegate MEDIA AG)
Lenovo Patch Utility (HKLM\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0034 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0a2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PrintKey2000 (HKLM\...\PrintKey2000) (Version: - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0027.00 - Lenovo Group Limited)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
StarMoney (Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney 9.0 (HKLM\...\{6D06E570-8F56-4589-A65E-3112F512BDEB}) (Version: 9.0 - Star Finanz GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tavultesoft Keyman 6.0 (HKLM\...\Tavultesoft Keyman 6.0) (Version: - )
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1530652611-3691238261-3748657044-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\VB\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-04-2015 14:41:09 Revo Uninstaller's restore point - Freizeitkarte_ALPS (Ausgabe 13.09)
17-04-2015 14:44:05 Revo Uninstaller's restore point - Freizeitkarte_FRA (Ausgabe 13.09)
17-04-2015 14:46:23 Revo Uninstaller's restore point - Freizeitkarte_CHE+ (Ausgabe 13.09)
17-04-2015 14:49:35 Revo Uninstaller's restore point - Freizeitkarte_AUT+ (Ausgabe 13.09)
17-04-2015 14:52:34 Revo Uninstaller's restore point - Freizeitkarte_BEL (Ausgabe 13.09)
17-04-2015 14:54:27 Revo Uninstaller's restore point - Freizeitkarte_ITA (Ausgabe 13.09)
17-04-2015 14:56:17 Revo Uninstaller's restore point - Freizeitkarte_BEL_NLD_LUX (Ausgabe 13.09)
17-04-2015 15:00:03 Revo Uninstaller's restore point - Freizeitkarte_DEU+ (Ausgabe 13.09)
17-04-2015 15:11:54 Revo Uninstaller's restore point - WinMerge 2.14.0
17-04-2015 17:20:00 Revo Uninstaller's restore point - Mozilla Firefox 37.0.1 (x86 de)
17-04-2015 18:23:41 Revo Uninstaller's restore point - Mozilla Maintenance Service
17-04-2015 20:21:55 Revo Uninstaller's restore point - inSSIDer Home
17-04-2015 20:22:33 Removed inSSIDer Home
18-04-2015 12:48:15 Revo Uninstaller's restore point - DVAG Online-System
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04A7767C-E899-4979-8EE3-39EDF9CB4571} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {201E8AF9-2AD0-4859-8E50-F611D3EE13EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {20286C40-4533-459D-9650-54C07AA3A217} - System32\Tasks\{91BA3ACA-2F9F-4EAE-B402-FB6655F89350} => C:\WU Temp\PrintKey 2000 - CHIP-Downloader.exe
Task: {2DE01F74-A019-42C7-A9C4-102716371E29} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {3A77DB6C-F1DA-4C60-ACBB-EC984ADD2F9D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3B956D18-B55B-417F-B750-066DB71DB5D5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3C5E6E2A-BD9B-428E-9210-3A93A4545C8D} - System32\Tasks\{3174844E-54BA-4883-BB4B-84BD8635F16D} => pcalua.exe -a D:\lenovo\BIOS.exe -d D:\lenovo
Task: {4C3B278D-EE21-44D3-87E2-D780748A438E} - System32\Tasks\{4B19F265-141B-46B6-B51B-76EF73F5728A} => pcalua.exe -a "C:\WU Temp\7mwc03ww.exe" -d "C:\WU Temp"
Task: {67CA7FC8-A5EA-4D60-B527-3C65001E12A9} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {6E281B41-559C-4FDA-BF78-5808A6E98E03} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {77ABAFC9-CDAC-4A57-B2AB-EEB6480E3807} - System32\Tasks\{CCBD5CED-D3B8-4151-9500-B06BC0797129} => pcalua.exe -a D:\lenovo\tvtvrnr43_1027fi.exe -d D:\lenovo
Task: {789908AD-55B6-44C2-94A3-EFE3892EDA4B} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {9994D70A-3A18-4C80-91F3-4C8A03DECBC8} - System32\Tasks\{CBB3FBC8-5D31-4494-9FAF-E56405B8BFA8} => pcalua.exe -a "C:\Program Files\DVAG Online-System\smartclient\smartclient.exe" -d "C:\Program Files\DVAG Online-System\smartclient\" -c -profile de
Task: {9F327FD7-3B81-4AB8-9D17-C8B5AD15BD0E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A07E1EA2-06F5-493E-A54B-F607559F3550} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {A2BFC3BB-5494-48C2-8D98-81BC92581156} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A9EB6D1C-0CAA-48FD-B7B2-A76C56D34A0A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B2DC7E45-988B-4CF6-90EC-F931C5588201} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {BC97B9D5-3E03-48B2-9F7F-8DD0DAD6E3FB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C448DBEB-535E-4C4B-A408-4CEA79FA0BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E3BB47B1-C439-444F-9E3E-158E88E71223} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2015-03-27] ()
Task: {EE7E91B5-94C1-435B-A107-28B71BA53269} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-07-23 07:41 - 2013-06-06 08:24 - 00019448 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-06 10:07 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0\ouservice\PATCHW32.dll
2013-08-03 00:47 - 2010-04-27 16:57 - 00247152 _____ () C:\Program Files\Join Air\AssistantServices.exe
2013-08-03 00:47 - 2010-04-27 17:06 - 00138072 _____ () C:\Program Files\Join Air\UIExec.exe
2013-07-22 22:13 - 2013-06-26 06:55 - 00095232 _____ () C:\Program Files\ThinkPad\Utilities\GR\PWMRT32V.DLL
2012-06-14 22:11 - 2012-06-14 22:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
2015-04-18 12:42 - 2015-04-18 12:42 - 00043008 _____ () c:\users\vb\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_vist6.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\VB\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1530652611-3691238261-3748657044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^VB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: Launch Backup Service Once => C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe -start
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
==================== Accounts: =============================
Administrator (S-1-5-21-1530652611-3691238261-3748657044-500 - Administrator - Disabled)
Gast (S-1-5-21-1530652611-3691238261-3748657044-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1530652611-3691238261-3748657044-1002 - Limited - Enabled)
Scanner (S-1-5-21-1530652611-3691238261-3748657044-1003 - Limited - Enabled)
VB (S-1-5-21-1530652611-3691238261-3748657044-1001 - Administrator - Enabled) => C:\Users\VB
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2015 00:48:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7b7ce0e7-a3de-4d4a-a04e-31bf9e7bca79}
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
System errors:
=============
Error: (04/18/2015 00:41:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (04/17/2015 08:42:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (04/17/2015 08:42:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Microsoft Office Sessions:
=========================
Error: (04/18/2015 00:48:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7b7ce0e7-a3de-4d4a-a04e-31bf9e7bca79}
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (04/18/2015 00:40:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
CodeIntegrity Errors:
===================================
Date: 2015-04-18 12:42:00.961
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-18 12:41:15.820
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:36:00.565
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:35:36.290
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:21:30.354
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:19:31.255
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:19:24.012
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 20:16:26.092
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 19:06:26.771
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-17 15:20:32.225
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\AEADIAPR.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 3062.3 MB
Available physical RAM: 1599.38 MB
Total Pagefile: 6122.89 MB
Available Pagefile: 4276.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.76 MB
==================== Drives ================================
Drive c: (Bobby) (Fixed) (Total:172.78 GB) (Free:40.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:292.97 GB) (Free:135.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1678649D)
Partition 1: (Active) - (Size=172.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es: