| sweety200373 | 27.05.2015 21:56 |
Virus hat Browser lahm gelegt - kein Internet mehr!
Liste der Anhänge anzeigen (Anzahl: 1) Hallo! Bin neu hier seit heute und leider sehr unerfahren - bitte um Entschuldigung! Habe genau das selbe Problem wie Nemo1234 vom 18.01.2015. abengine.dll enthält Fehler.......kein Internet mehr möglich, Avira Antivirus kann keine Verbindung zum Internet herstellen usw. Foto von der Fehlermeldung mit Handycamera anbei. Systemwiederherstellung habe ich bereits probiert. Arbeite jetzt am alten Computer und hätte schon mal vom kaputten LT die: FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by Sweeties (administrator) on MEDION-LAPTOP on 27-05-2015 22:14:46
Running from C:\Users\Sweeties\Downloads
Loaded Profiles: Sweeties (Available Profiles: UpdatusUser & Sweeties)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Abengine) C:\Program Files (x86)\TabNav\abengine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
() C:\Users\Sweeties\AppData\Roaming\6096FC6F-1427298418-E011-AE3F-B0EDA62CDDEB\jnsnF490.tmp
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfprsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\x64\3\lxedserv.exe
( ) C:\Windows\System32\lxedcoms.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [lxedmon.exe] => C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe [770728 2010-05-17] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe [148280 2010-05-17] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-01-19] (cyberlink)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [171104 2010-03-03] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [vspdfprsrv.exe] => C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfprsrv.exe [7328256 2013-12-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-21] (Google Inc.)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\Run: [Facebook Update] => C:\Users\Sweeties\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-08] (Facebook Inc.)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\MountPoints2: {19c55159-73b8-11e1-b20c-806e6f6e6963} - E:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1427304207&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {06143F17-5DA3-44D0-B76E-05CAFE52C5DA} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&ts=1427299734&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&ts=1427299734&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {0E2F1936-2B2B-4A4F-859C-65555CB02CED} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&ts=1427299734&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&ts=1427299734&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=SAMSUNGXHM641JI_S23TJ9CZC02508&ts=1427299734&type=default&q={searchTerms}
BHO: youtubeadblocker -> {6a4f0642-c5f2-4dc7-915d-47c4631dea9b} -> C:\Program Files (x86)\youtubeadblocker\GffJbZ9N0ssLci.x64.dll No File
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2012-03-21] (Google Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-11] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files (x86)\Lexmark Toolbar\toolband.dll [2011-08-19] ()
BHO-x32: youtubeadblocker -> {6a4f0642-c5f2-4dc7-915d-47c4631dea9b} -> C:\Program Files (x86)\youtubeadblocker\GffJbZ9N0ssLci.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2012-03-21] (Google Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-11] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-11] (Google Inc.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll [2011-08-19] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-11] (Google Inc.)
Toolbar: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-11] (Google Inc.)
Toolbar: HKU\S-1-5-21-3817086110-3837121555-82692685-1001 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\abengine.dll [341952 2015-05-06] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\abengine.dll [341952 2015-05-06] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\abengine.dll [341952 2015-05-06] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\abengine.dll [341952 2015-05-06] ()
Winsock: Catalog9 15 C:\Windows\SysWOW64\abengine.dll [341952 2015-05-06] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll [409168 2015-05-06] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll [409168 2015-05-06] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll [409168 2015-05-06] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll [409168 2015-05-06] (Abengine)
Winsock: Catalog9-x64 15 C:\Windows\system32\abengine64.dll [409168 2015-05-06] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3817086110-3837121555-82692685-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sweeties\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3817086110-3837121555-82692685-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sweeties\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-01]
CHR Extension: (Keep Awake) - C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijihlabcfdnabacffofojgmehjdielb [2015-03-25]
CHR Extension: (Avira Browser Safety) - C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-01]
CHR Extension: (Skype Click to Call) - C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-06]
CHR Extension: (Google Wallet) - C:\Users\Sweeties\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (SSalePlus) - C:\ProgramData\foehbagfdfdhfjjjojjnohpbllodkmmo\ []
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 abengine; C:\Program Files (x86)\TabNav\abengine.exe [1483816 2015-03-03] (Abengine) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 joqenobi; C:\Users\Sweeties\AppData\Roaming\6096FC6F-1427298418-E011-AE3F-B0EDA62CDDEB\jnsnF490.tmp [152064 2015-03-25] () [File not signed]
R2 lxedCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxed_device; C:\Windows\system32\lxedcoms.exe [1052328 2010-04-14] ( )
R2 lxed_device; C:\Windows\SysWOW64\lxedcoms.exe [598696 2010-04-14] ( )
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
S2 globalUpdate1d06749bd5b04ab; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-01-20] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-27 22:14 - 2015-05-27 22:16 - 00028768 _____ () C:\Users\Sweeties\Downloads\FRST.txt
2015-05-27 22:14 - 2015-05-27 22:14 - 00000000 ____D () C:\FRST
2015-05-27 22:11 - 2015-05-27 22:11 - 02108928 _____ (Farbar) C:\Users\Sweeties\Downloads\FRST64.exe
2015-05-27 21:54 - 2015-05-27 21:54 - 00199294 _____ () C:\Windows\PFRO.log
2015-05-27 21:54 - 2015-05-27 21:54 - 00000056 _____ () C:\Windows\setupact.log
2015-05-27 21:54 - 2015-05-27 21:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-27 19:25 - 2015-05-27 19:25 - 00000000 ____D () C:\Users\Sweeties\Downloads\CCleaner 501
2015-05-27 19:11 - 2015-05-27 19:11 - 00003278 _____ () C:\Windows\System32\Tasks\{E396165A-7F61-444F-B34A-6057BE326FDA}
2015-05-27 19:03 - 2015-05-27 19:03 - 00001318 _____ () C:\Users\Sweeties\Desktop\Revo Uninstaller.lnk
2015-05-27 19:03 - 2015-05-27 19:03 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-27 18:38 - 2015-05-27 18:38 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-27 18:38 - 2015-05-27 18:38 - 00000876 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-27 18:38 - 2015-05-27 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-27 18:38 - 2015-05-27 18:38 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-27 18:26 - 2015-05-27 18:26 - 00002108 _____ () C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-05-27 18:26 - 2015-05-27 18:26 - 00000000 ____D () C:\Users\Sweeties\AppData\Roaming\Avira
2015-05-27 18:26 - 2015-05-27 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-27 18:25 - 2015-04-16 15:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-27 18:25 - 2015-04-16 15:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-27 18:25 - 2015-04-16 15:23 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-05-27 18:25 - 2015-04-16 15:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-27 16:02 - 2015-05-27 17:52 - 00000000 ____D () C:\Users\Sweeties\Downloads\Avira
2015-05-06 18:01 - 2015-05-06 18:01 - 00003092 _____ () C:\Windows\System32\Tasks\iren3006
2015-05-06 18:00 - 2015-05-27 21:55 - 00009000 _____ () C:\Windows\SysWOW64\abengineOff.ini
2015-05-06 18:00 - 2015-05-27 21:55 - 00009000 _____ () C:\Windows\system32\abengineOff.ini
2015-05-06 18:00 - 2015-04-22 16:51 - 00341952 _____ () C:\Windows\SysWOW64\abengine.dll
2015-05-06 17:59 - 2015-04-22 16:51 - 00409168 _____ (Abengine) C:\Windows\system32\abengine64.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-27 22:07 - 2015-03-26 00:07 - 00005878 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-6.job
2015-05-27 22:07 - 2015-03-26 00:07 - 00003154 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-6.job
2015-05-27 22:07 - 2015-03-26 00:07 - 00002128 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-10_user.job
2015-05-27 22:05 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-27 22:05 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-27 22:03 - 2012-03-21 18:50 - 01097737 _____ () C:\Windows\WindowsUpdate.log
2015-05-27 21:57 - 2012-07-23 17:52 - 00098197 _____ () C:\ProgramData\lxedscan.log
2015-05-27 21:54 - 2015-03-26 00:07 - 00005534 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-7.job
2015-05-27 21:54 - 2015-03-26 00:07 - 00004510 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-3.job
2015-05-27 21:54 - 2015-03-26 00:07 - 00003490 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-7.job
2015-05-27 21:54 - 2015-03-26 00:07 - 00002462 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5_user.job
2015-05-27 21:54 - 2015-03-26 00:07 - 00002462 _____ () C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5.job
2015-05-27 21:54 - 2015-03-25 18:09 - 00001348 _____ () C:\Windows\Tasks\ACHGF.job
2015-05-27 21:54 - 2015-03-25 17:47 - 00001698 _____ () C:\Windows\Tasks\BYAIAMUF.job
2015-05-27 21:54 - 2012-03-21 18:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 21:54 - 2011-04-19 20:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-27 21:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-27 21:51 - 2015-03-26 00:07 - 00000000 ____D () C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03
2015-05-27 21:51 - 2015-03-25 17:50 - 00000000 ____D () C:\Users\Sweeties\AppData\Local\6096FC6F-1427302227-E011-AE3F-B0EDA62CDDEB
2015-05-27 21:49 - 2012-04-12 15:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-27 21:08 - 2014-11-13 20:21 - 00000000 __SHD () C:\Users\Sweeties\AppData\Local\EmieBrowserModeList
2015-05-27 21:08 - 2014-04-21 08:52 - 00000000 __SHD () C:\Users\Sweeties\AppData\Local\EmieUserList
2015-05-27 21:08 - 2014-04-21 08:52 - 00000000 __SHD () C:\Users\Sweeties\AppData\Local\EmieSiteList
2015-05-27 20:05 - 2012-03-21 18:54 - 00000000 ____D () C:\Users\Sweeties
2015-05-27 20:03 - 2012-12-16 10:35 - 00030720 ___SH () C:\Users\Sweeties\Documents\Thumbs.db
2015-05-27 19:35 - 2013-01-08 20:30 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001UA.job
2015-05-27 19:35 - 2013-01-08 20:30 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001Core.job
2015-05-27 19:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-27 18:48 - 2012-03-22 21:11 - 00000000 ___DC () C:\Users\Sweeties\AppData\Local\MigWiz
2015-05-27 18:48 - 2011-02-10 20:44 - 00000000 ____D () C:\Windows\Panther
2015-05-27 18:38 - 2011-02-10 21:25 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-05-27 18:38 - 2011-02-10 21:25 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-05-27 18:38 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-27 18:25 - 2013-04-22 17:01 - 00000000 ____D () C:\ProgramData\Avira
2015-05-27 18:12 - 2015-04-18 11:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-27 17:44 - 2012-07-23 17:56 - 00000000 ____D () C:\ProgramData\Lx_cats
2015-05-27 17:42 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2015-05-27 17:39 - 2015-04-03 10:55 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-27 17:39 - 2015-04-03 10:55 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-27 17:39 - 2015-03-25 17:44 - 00000000 ____D () C:\Program Files (x86)\TabNav
2015-05-27 17:39 - 2015-03-25 17:42 - 00000000 ____D () C:\Program Files (x86)\SSalePlus
2015-05-27 17:39 - 2012-05-13 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-27 17:39 - 2012-05-13 09:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-27 17:39 - 2012-05-13 09:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-27 17:39 - 2012-03-22 21:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-27 17:39 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-27 17:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-27 17:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-27 17:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-27 17:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-27 17:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-27 15:33 - 2015-04-18 11:49 - 00007601 _____ () C:\Users\Sweeties\AppData\Local\Resmon.ResmonCfg
2015-05-25 10:58 - 2013-07-29 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-20 16:44 - 2012-03-21 18:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 16:44 - 2012-03-21 18:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 16:44 - 2012-03-21 18:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-10 14:26 - 2015-01-30 11:52 - 00011804 _____ () C:\Users\Sweeties\Documents\40er Feier Uschi.xlsx
2015-05-06 18:01 - 2015-04-18 10:56 - 00000002 _____ () C:\END
2015-05-06 17:58 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-27 18:47 - 2014-10-18 17:45 - 00000000 ____D () C:\Users\Sweeties\Documents\Uschi Elternverein
==================== Files in the root of some directories =======
2014-10-29 21:49 - 2014-10-29 21:49 - 6000640 _____ () C:\Program Files (x86)\GUT4210.tmp
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Sweeties\AppData\Roaming\ACHGF
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Sweeties\AppData\Roaming\BYAIAMUF
2015-03-25 18:10 - 2015-03-25 18:10 - 0613255 _____ (CMI Limited) C:\Users\Sweeties\AppData\Local\nsb1EB5.tmp
2015-03-26 00:21 - 2015-03-26 00:20 - 0613255 _____ (CMI Limited) C:\Users\Sweeties\AppData\Local\nsrEF9B.tmp
2015-04-18 11:49 - 2015-05-27 15:33 - 0007601 _____ () C:\Users\Sweeties\AppData\Local\Resmon.ResmonCfg
2012-09-21 09:59 - 2012-09-21 09:59 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2012-07-23 17:59 - 2012-07-23 17:59 - 0000252 _____ () C:\ProgramData\FastPics.log
2012-08-07 15:27 - 2015-03-14 11:33 - 0262728 _____ () C:\ProgramData\lxed.log
2014-12-13 22:30 - 2014-12-13 22:31 - 0000248 _____ () C:\ProgramData\lxedDiagnostics.log
2012-07-23 17:59 - 2015-04-17 20:34 - 0051944 _____ () C:\ProgramData\lxedJSW.log
2012-07-23 17:52 - 2015-05-27 21:57 - 0098197 _____ () C:\ProgramData\lxedscan.log
2012-09-21 09:59 - 2012-09-21 09:59 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2013-05-22 15:54 - 2013-05-22 15:54 - 1210157 _____ () C:\ProgramData\SPL14C7.tmp
2013-05-12 21:50 - 2013-05-12 21:50 - 1210157 _____ () C:\ProgramData\SPL2D4B.tmp
2013-11-24 14:30 - 2013-11-24 14:30 - 1729452 _____ () C:\ProgramData\SPL339E.tmp
2013-05-13 14:46 - 2013-05-13 14:46 - 1210157 _____ () C:\ProgramData\SPL702F.tmp
2013-05-15 21:37 - 2013-05-15 21:37 - 1210157 _____ () C:\ProgramData\SPL750F.tmp
2013-05-14 18:14 - 2013-05-14 18:14 - 1210157 _____ () C:\ProgramData\SPL7DA7.tmp
2013-05-20 20:56 - 2013-05-20 20:56 - 1210157 _____ () C:\ProgramData\SPL8065.tmp
2013-05-21 08:59 - 2013-05-21 08:59 - 1210157 _____ () C:\ProgramData\SPL8989.tmp
2013-11-27 20:11 - 2013-11-27 20:11 - 0467560 _____ () C:\ProgramData\SPL8AC4.tmp
2013-05-21 22:37 - 2013-05-21 22:37 - 1210157 _____ () C:\ProgramData\SPL9B06.tmp
2013-05-21 19:21 - 2013-05-21 19:21 - 1210157 _____ () C:\ProgramData\SPLA42A.tmp
2012-07-23 17:50 - 2012-07-23 17:50 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Some files in TEMP:
====================
C:\Users\Sweeties\AppData\Local\Temp\4jb99nif.dll
C:\Users\Sweeties\AppData\Local\Temp\ABCofPics.exe
C:\Users\Sweeties\AppData\Local\Temp\APNStub.exe
C:\Users\Sweeties\AppData\Local\Temp\AskSLib.dll
C:\Users\Sweeties\AppData\Local\Temp\avgnt.exe
C:\Users\Sweeties\AppData\Local\Temp\bdgB409.exe
C:\Users\Sweeties\AppData\Local\Temp\bitool.dll
C:\Users\Sweeties\AppData\Local\Temp\clrvu.exe
C:\Users\Sweeties\AppData\Local\Temp\COMAP.EXE
C:\Users\Sweeties\AppData\Local\Temp\D8FF84E6-6D5A-BD77-AE5F-08EE8857B61B.dll
C:\Users\Sweeties\AppData\Local\Temp\EAD3439.exe
C:\Users\Sweeties\AppData\Local\Temp\EADC6D7.exe
C:\Users\Sweeties\AppData\Local\Temp\EADDCF5.exe
C:\Users\Sweeties\AppData\Local\Temp\EADE271.exe
C:\Users\Sweeties\AppData\Local\Temp\EADFD51.exe
C:\Users\Sweeties\AppData\Local\Temp\installerdll1503709.dll
C:\Users\Sweeties\AppData\Local\Temp\installerdll1510620.dll
C:\Users\Sweeties\AppData\Local\Temp\install_flashplayer11x32axau_gtbp_chra_aih.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Sweeties\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Sweeties\AppData\Local\Temp\ose00000.exe
C:\Users\Sweeties\AppData\Local\Temp\Setup.exe
C:\Users\Sweeties\AppData\Local\Temp\SpOrder.dll
C:\Users\Sweeties\AppData\Local\Temp\UninstallEADM.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-20 18:21
==================== End of log ============================
und die Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by Sweeties at 2015-05-27 22:16:27
Running from C:\Users\Sweeties\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3817086110-3837121555-82692685-500 - Administrator - Disabled)
Gast (S-1-5-21-3817086110-3837121555-82692685-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3817086110-3837121555-82692685-1003 - Limited - Enabled)
Sweeties (S-1-5-21-3817086110-3837121555-82692685-1001 - Administrator - Enabled) => C:\Users\Sweeties
UpdatusUser (S-1-5-21-3817086110-3837121555-82692685-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A1 Internet Software (HKLM-x32\...\A1 Internet Software) (Version: 8.1.1.64 - A1 Telekom Austria AG)
A1 Internet Software (x32 Version: 8.1.1.64 - A1 Telekom Austria AG) Hidden
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Camera Suite (HKLM-x32\...\ArcSoft Camera Suite) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CantorCorner (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7c1130c3}) (Version: - CantorCorner) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2519.50 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3911 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2626 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Movie-Accessoires (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.10.11.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kreativ Drucken deluxe 2013 (HKLM-x32\...\{60EA34DE-DD75-4453-A892-0BB79F3A7435}_is1) (Version: - )
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
Lexmark (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark S600 Series (HKLM\...\Lexmark S600 Series) (Version: - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.63.37.0 - )
Lexmark Tools for Office (HKLM-x32\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1517 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.1517 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301031}) (Version: 7.02.9753 - Nero AG)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PDF Experte 9 Professional (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 9.02.0.0 - Avanquest Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SalePlus (HKLM-x32\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.15723 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Unity Web Player (HKU\S-1-5-21-3817086110-3837121555-82692685-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAP11G (HKLM-x32\...\{2C73154B-F7F9-4B53-AF56-D06846C99EC4}_is1) (Version: 5.0.30.4 for WIN7/VISTA/WINXP - ShenZhen HouTian Network Communication Techlogy Co.Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wondershare PDF to PowerPoint (Build 2.0.1) (HKLM-x32\...\{71CC7DEB-2D46-4F28-B664-898AB88D48A6}_is1) (Version: - Wondershare Software)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
18-04-2015 12:07:47 Windows Update
20-05-2015 18:28:32 Geplanter Prüfpunkt
25-05-2015 10:39:31 Windows Update
27-05-2015 17:19:29 Wiederherstellungsvorgang
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00E2D92C-D412-4C30-9E14-A88D6123C52A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001UA => C:\Users\Sweeties\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-08] (Facebook Inc.)
Task: {10A1A6C1-4F8B-43ED-A425-49A8FED1E4F6} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-10_user => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-10.exe <==== ATTENTION
Task: {1F7700B5-BD43-40AC-87EA-9C2F9DA1EACB} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-6 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-1-6.exe <==== ATTENTION
Task: {21837B66-CEF0-4B2B-9E89-DDE7F2ADC1BE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001Core => C:\Users\Sweeties\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-08] (Facebook Inc.)
Task: {29A7B496-2C1D-47BC-9C1D-9FBB58F7949C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.)
Task: {348941F0-5C68-4C4F-A71B-092F7E36E882} - System32\Tasks\fres3005 => C:\PROGRA~2\HIGHLI~1\fres3005.exe
Task: {3583CA48-6237-4E27-9B52-E7CDF8E643B1} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {496B30BD-F07E-4354-877B-843254FFAA61} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-5.exe <==== ATTENTION
Task: {4DE20E96-921D-45A7-99A9-6C109D6F831A} - System32\Tasks\{E396165A-7F61-444F-B34A-6057BE326FDA} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {4DECEDE4-7A59-426D-8D4D-2474DC5E865A} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5_user => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-5.exe <==== ATTENTION
Task: {4FA4F5BC-F8C7-48E6-B59E-1DC8880829C3} - System32\Tasks\arg3002 => C:\Program Files (x86)\TabNav\arg3002.exe [2015-02-19] ()
Task: {586BB5E9-F349-4FF8-9351-289815930423} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-3 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-3.exe <==== ATTENTION
Task: {63D4896C-6850-4F50-B2B0-0CE29A6070BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-18] (Adobe Systems Incorporated)
Task: {656BEEEB-4C7B-461C-9D8D-277A32B1DB5B} - System32\Tasks\{A364F307-451B-42FB-BEBE-E563F5A941AC} => pcalua.exe -a C:\Users\Sweeties\AppData\Roaming\omniboxes\UninstallManager.exe -c -ptid=obw
Task: {6AC71D40-ED02-4633-A6BB-96A1676F605E} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-6 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-6.exe <==== ATTENTION
Task: {8012BBA2-8FB1-494B-B67E-52BABCBA14F2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {8CDA036C-12C7-401F-A920-4390270D94A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.)
Task: {905FDC57-A5EC-4944-A58A-836101DB8BB0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9064E180-5202-4CED-B101-924104FE8D18} - System32\Tasks\BYAIAMUF => C:\Users\Sweeties\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9665EBC1-45B8-4428-A93D-D07CC3FD3805} - System32\Tasks\{65CB560E-3FAC-472E-8A33-F4EE7CBD3094} => pcalua.exe -a "C:\Program Files (x86)\Origin\EAProxyInstaller.exe" -d C:\PROGRA~3\Origin\DOWNLO~1\{CP_GU~1 -c /proxyFullPath=C:\PROGRA~3\Origin\DOWNLO~1\{CP_GU~1\ORIGIN~1.EXE /proxyCmdLineArgs= /proxyCurrentDir=C:\PROGRA~3\Origin\DOWNLO~1\{CP_GU~1 /proxyShowUI=1 /proxyRegPath=C:\ProgramData\Origin\DownloadCache\staging.reg /proxyWait=1
Task: {CBAD9FA3-643A-4690-8E2C-11B9452D8F65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {D09C1E9D-C66C-4B34-BA09-FC83A9B032E0} - System32\Tasks\ACHGF => C:\Users\Sweeties\AppData\Roaming\ACHGF.exe <==== ATTENTION
Task: {D142C243-5927-4623-8402-4882BFC966DB} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {DF2207F5-D8E7-4337-A6D8-9ECDF47E90D8} - System32\Tasks\iren3006 => C:\Program Files (x86)\HighlightSearches\iren3006.exe [2015-04-24] () <==== ATTENTION
Task: {E312CCEC-97BC-465D-9028-ACC6E64E01B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E7614DD6-3E65-4514-83CA-9F124F3C0C0F} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-7 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-7.exe <==== ATTENTION
Task: {F44D9410-07A1-49C1-B6FD-B9CF2699AB6F} - System32\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-7 => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\ACHGF.job => C:\Users\Sweeties\AppData\Roaming\ACHGF.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-6.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-1-7.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-10_user.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-3.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-5_user.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-6.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b200321a-3845-42bf-9257-929d1fd12462-7.job => C:\Program Files (x86)\Cinema Plus Pro 3.2cV25.03\b200321a-3845-42bf-9257-929d1fd12462-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Sweeties\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001Core.job => C:\Users\Sweeties\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3817086110-3837121555-82692685-1001UA.job => C:\Users\Sweeties\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2012-07-23 17:53 - 2009-11-04 15:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeddrpp.dll
2012-11-04 17:33 - 2013-01-10 23:36 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-13 09:54 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-23 17:51 - 2010-05-17 15:52 - 00770728 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe
2012-07-23 17:51 - 2010-05-17 15:52 - 00148280 _____ () C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-03-25 17:47 - 2015-03-25 17:47 - 00152064 _____ () C:\Users\Sweeties\AppData\Roaming\6096FC6F-1427298418-E011-AE3F-B0EDA62CDDEB\jnsnF490.tmp
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-10-01 13:31 - 2013-12-17 10:14 - 07328256 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfprsrv.exe
2012-07-23 17:53 - 2009-05-18 15:32 - 01416192 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxedptpc.dll
2012-07-23 17:52 - 2009-11-04 15:19 - 00198656 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxeddrui.dll
2012-07-23 17:52 - 2009-06-08 02:55 - 00152576 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxedPRPR.DLL
2012-07-23 17:52 - 2009-11-04 15:17 - 00280576 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxeddr.dll
2012-07-23 17:51 - 2010-04-01 19:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedscw.dll
2012-07-23 17:50 - 2009-05-27 14:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxeddatr.dll
2012-07-23 17:50 - 2009-05-27 14:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedcats.dll
2012-07-23 17:51 - 2010-04-01 19:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedDRS.dll
2012-07-23 17:51 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedcaps.dll
2012-07-23 17:49 - 2009-02-20 10:48 - 00381440 _____ () C:\Windows\system32\lxedsm.dll
2012-07-23 17:49 - 2009-04-28 09:56 - 00024064 _____ () C:\Windows\system32\lxedsmr.dll
2012-07-23 17:51 - 2010-04-05 12:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark S600 Series\Epwizard.DLL
2012-07-23 17:51 - 2010-04-05 12:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark S600 Series\customui.dll
2012-07-23 17:51 - 2010-04-05 12:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark S600 Series\Eputil.DLL
2012-07-23 17:51 - 2010-04-05 12:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark S600 Series\Imagutil.DLL
2012-07-23 17:51 - 2010-04-05 12:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark S600 Series\Epfunct.DLL
2012-07-23 17:51 - 2009-06-23 13:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark S600 Series\EPWizRes.dll
2012-07-23 17:51 - 2009-06-23 13:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark S600 Series\epstring.dll
2012-07-23 17:51 - 2009-06-23 13:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark S600 Series\EPOEMDll.dll
2012-07-23 17:51 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S600 Series\iptk.dll
2012-07-23 17:51 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S600 Series\lxedptp.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-01 13:31 - 2013-12-17 10:14 - 01200128 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\TMSlite170.bpl
2014-10-01 13:31 - 2013-12-16 18:14 - 00090112 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspropsaver170.bpl
2014-10-01 13:31 - 2013-12-17 10:14 - 05165056 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfcore170.bpl
2014-10-01 13:31 - 2013-12-16 18:14 - 02544640 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vsvector170.bpl
2014-10-01 13:31 - 2013-12-17 10:14 - 02974720 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\BBlite170.bpl
2014-10-01 13:31 - 2013-12-17 10:14 - 00025600 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vstrees170.bpl
2014-10-01 13:31 - 2013-12-17 10:14 - 00066560 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vsprinters170.bpl
2014-10-01 13:31 - 2013-12-16 18:14 - 00064512 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfprinter170.bpl
2014-10-01 13:31 - 2013-12-16 18:14 - 01951288 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\js32.dll
2014-10-01 13:31 - 2013-12-17 10:14 - 00078848 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\expertpdfcore170.bpl
2014-10-01 13:31 - 2013-12-17 10:14 - 00572928 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 9 Professional\vspdfeditor170.bpl
2015-03-25 16:51 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-03-25 16:51 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-19 18:14 - 2014-10-19 18:14 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-04-19 19:52 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VCL => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3817086110-3837121555-82692685-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sweeties\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A5D02DFB-D2D3-476D-B3BF-42996628F632}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83A7B532-4A8C-4918-B91B-56FFB8586E94}] => (Allow) LPort=2869
FirewallRules: [{B9F3473E-66B5-4C14-B1AF-84E4F888E2EF}] => (Allow) LPort=1900
FirewallRules: [{16207F27-E370-4AFD-A963-EEA943D13737}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F8BA434F-3751-4264-BB64-81A691281D5C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2F4C5D0D-F586-4FB7-B81D-B542674F291D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{90C31E51-808C-4CA1-8D0A-891BE2255A26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FD0EB332-C7F9-4F10-A569-2EDD452A96F0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{FFCD10EB-9469-4AE8-8AA4-66F08043A8C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [TCP Query User{5CB9AEDD-AE83-4A89-9549-0EA5EDD2CABD}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{F23EFD2D-60BC-4C90-BCF7-17244B4C8B3F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{0620581D-502D-4C04-8C1E-54931C509AD2}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{68167599-AF8C-494D-A3CB-026412A0BD8B}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{F4EA7E95-D909-4F5C-A0F4-3DE397DC347A}] => (Allow) C:\Windows\system32\lxedcoms.exe
FirewallRules: [{C211F61E-31EC-460D-8619-0BB351B059BE}] => (Allow) C:\Windows\system32\LXEDcoms.exe
FirewallRules: [{65F33689-2887-4E25-BB4B-66BF790D0513}] => (Allow) C:\Windows\system32\LXEDcoms.exe
FirewallRules: [{8969B5D6-9476-4672-89FB-BF419C4FF523}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{CD3838CF-B47A-4B35-A81A-077DA8EF3403}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{ED680C61-6F4A-4415-85D2-71A3C4E002B2}] => (Allow) C:\Windows\system32\LXEDcoms.exe
FirewallRules: [TCP Query User{351A21B8-0723-4E8A-9F58-E7E00BCA3CA9}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{CDAD3700-6D71-4475-A943-2CDADE46DF6E}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [{5A10A5F6-28A5-45DD-BBBD-430CA08CEA62}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{18FC501D-6C9D-4978-A53A-808C55CC4667}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{E4DC1E49-849F-49CB-B707-48A159EDB463}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{F6784630-3087-4A8A-BA13-48152D3CD6F5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{1B6627CF-6148-4EBB-980A-4D98E1290AA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CFCB4A24-64DB-4AD9-8A08-48362A97110A}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{968C5829-8C06-4FAF-9C42-C7EFB7E39568}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{B7760572-53A2-4672-A360-4EE94C67180F}] => (Allow) C:\Program Files (x86)\A1\A1 Breitband\A1Breitband.exe
FirewallRules: [{1D459FAD-3D58-4AC6-A911-EDB282678ED1}] => (Allow) C:\Program Files (x86)\A1\A1 Breitband\A1Breitband.exe
FirewallRules: [{CFCD3DE0-24AE-4AFD-A80F-7075113755C1}] => (Allow) C:\Program Files (x86)\A1\A1 Breitband\A1Breitband.exe
FirewallRules: [{4D5AF1B5-CD97-415E-AC2C-246C07442F65}] => (Allow) C:\Program Files (x86)\A1\A1 Breitband\A1Breitband.exe
FirewallRules: [{5F5D4485-46BE-44D3-BF4B-573DCA69F4D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2C23FDB0-21C3-4E88-8D0A-6C39F5F8D1A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7D84DA15-1D13-4A59-80F0-6C4872848C69}] => (Allow) C:\Users\Sweeties\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{CA208D7E-1C08-412E-BAE7-1FA1271DBE9A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{336CF0FC-E86F-409A-85BF-1C61B147E3E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F9D129B1-4AF7-4CDE-8E36-D8A029141E1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FAECDDF4-F671-4917-86E9-FA0BEE972379}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B664E408-4B54-405E-8ED3-1E6358DA3936}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4E1D1F1A-9A69-4600-8EEF-DBA9E51E3688}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/27/2015 10:08:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/27/2015 09:57:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2015 09:11:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0xde0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/27/2015 09:11:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/27/2015 09:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0x14c8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/27/2015 09:09:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0x7b8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/27/2015 08:00:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ezprint.exe, Version 3.98.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a3c
Startzeit: 01d09897fca502cf
Endzeit: 7
Anwendungspfad: C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
Berichts-ID: 45015f15-049a-11e5-aa26-00262dc48bed
Error: (05/27/2015 07:35:44 PM) (Source: Google Update) (EventID: 20) (User: Medion-Laptop)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
Error: (05/27/2015 06:37:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0xc5c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (05/27/2015 06:34:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.135, Zeitstempel: 0x553ea9d4
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.135, Zeitstempel: 0x553ea523
Ausnahmecode: 0x80000003
Fehleroffset: 0x0051aaeb
ID des fehlerhaften Prozesses: 0x18bc
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
System errors:
=============
Error: (05/27/2015 09:59:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/27/2015 09:59:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/27/2015 09:59:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate1d06749bd5b04ab)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/27/2015 07:59:59 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.
Error: (05/27/2015 07:16:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
Error: (05/27/2015 06:15:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/27/2015 06:15:50 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/27/2015 06:15:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate1d06749bd5b04ab)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/27/2015 06:09:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/27/2015 06:09:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office:
=========================
Error: (04/03/2014 02:56:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2158 seconds with 180 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 390 @ 2.67GHz
Percentage of memory in use: 36%
Total physical RAM: 3893.42 MB
Available physical RAM: 2470.11 MB
Total Pagefile: 8085.04 MB
Available Pagefile: 6030.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:555.07 GB) (Free:304.79 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:37.6 GB) NTFS
Drive f: (16 GB SÜSS) (Removable) (Total:14.63 GB) (Free:14.43 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=555.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 6E652072)
No partition Table on disk 1.
==================== End of log ============================
Anhang 74257
Vielen Dank für Ihre Mühe und
Liebe Grüße
sweety200373 |
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
