FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-10-2014 01
Ran by mobil_2 (administrator) on HENRY-PC on 05-10-2014 10:49:18
Running from F:\
Loaded Profile: mobil_2 (Available profiles: mobil_2)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [Device Detector] => C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe [217088 2003-11-27] (ACD Systems, Ltd.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-21-3144644184-4217118365-2383263394-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {768A4D95-993E-423D-A4FD-4DF6571E0546} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {768A4D95-993E-423D-A4FD-4DF6571E0546} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {768A4D95-993E-423D-A4FD-4DF6571E0546} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {768A4D95-993E-423D-A4FD-4DF6571E0546} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {768A4D95-993E-423D-A4FD-4DF6571E0546} URL =
SearchScopes: HKCU - {768A4D95-993E-423D-A4FD-4DF6571E0546} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\mobil_2\AppData\Roaming\Mozilla\Firefox\Profiles\myks6oxs.default
FF NewTab: hxxp://www.google.de
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 1-Click YouTube Video Downloader - C:\Users\mobil_2\AppData\Roaming\Mozilla\Firefox\Profiles\myks6oxs.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-08-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-14]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-07-18] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-07-18] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-07-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-07-18] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468240 2013-04-23] (Intel Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-10-04] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-10-04] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [142336 2014-10-04] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [64000 2014-10-04] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-10-04] (G Data Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-10-04] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [61440 2014-10-04] (G Data Software AG)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2014-07-18] (Padus, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-07-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-05 10:49 - 2014-10-05 10:49 - 00000000 ____D () C:\FRST
2014-10-04 08:11 - 2014-10-04 08:11 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2014-10-04 07:14 - 2014-10-04 07:14 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2014-10-04 07:04 - 2014-10-04 07:04 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-10-04 07:04 - 2014-10-04 07:04 - 00002078 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2014-10-04 07:04 - 2014-10-04 07:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-10-04 07:04 - 2014-10-04 07:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2014-10-04 07:03 - 2014-10-04 07:03 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-10-04 07:00 - 2014-10-04 07:00 - 00068608 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-10-04 06:59 - 2014-10-04 06:59 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-10-04 06:59 - 2014-10-04 06:59 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-10-04 06:59 - 2014-10-04 06:59 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-10-04 06:59 - 2014-10-04 06:59 - 00000779 _____ () C:\Users\mobil_2\AppData\Roaming\gdscan.log
2014-10-04 06:59 - 2014-10-04 06:59 - 00000000 _____ () C:\Users\mobil_2\AppData\Roaming\gdfw.log
2014-10-04 06:58 - 2014-10-04 06:59 - 00019238 _____ () C:\WINDOWS\DPINST.LOG
2014-10-04 06:56 - 2014-10-04 06:56 - 00000000 ____D () C:\Program Files (x86)\G DATA
2014-10-04 06:51 - 2014-10-04 07:14 - 00000000 ____D () C:\ProgramData\G Data
2014-10-04 06:19 - 2014-10-04 06:19 - 00972865 _____ () C:\Users\mobil_2\Downloads\WinDlg_v1_27.zip
2014-10-04 06:19 - 2014-10-04 06:19 - 00000000 ____D () C:\Users\mobil_2\Downloads\WinDlg_v1_27
2014-10-04 06:19 - 2014-10-04 06:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2014-10-04 06:19 - 2014-10-04 06:19 - 00000000 ____D () C:\Program Files (x86)\Western Digital Corporation
2014-10-04 06:10 - 2014-10-04 06:14 - 200825928 _____ (G Data Software AG) C:\Users\mobil_2\Downloads\INT_R_BASE_2015_IS.exe
2014-10-04 05:49 - 2014-10-04 05:50 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\Wise Registry Cleaner
2014-10-04 05:48 - 2014-10-04 05:48 - 01101648 _____ () C:\Users\mobil_2\Downloads\Wise Registry Cleaner - CHIP-Installer.exe
2014-10-04 05:48 - 2014-10-04 05:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2014-10-04 05:48 - 2014-10-04 05:48 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-10-04 04:58 - 2014-10-04 04:58 - 02405664 _____ (Trend Micro Inc.) C:\Users\mobil_2\Downloads\HousecallLauncher64.exe
2014-10-03 08:16 - 2014-10-03 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
2014-10-03 08:16 - 2014-10-03 08:16 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-10-03 08:15 - 2014-10-03 08:15 - 00812344 _____ (Trend Micro Inc.) C:\Users\mobil_2\Downloads\HJTInstall.exe
2014-10-03 08:14 - 2014-10-03 08:37 - 00000000 ____D () C:\Users\mobil_2\Downloads\lastactivityview
2014-10-03 08:13 - 2014-10-03 08:13 - 00071671 _____ () C:\Users\mobil_2\Downloads\lastactivityview.zip
2014-10-01 08:29 - 2014-10-01 08:29 - 00001043 _____ () C:\Users\mobil_2\Desktop\EasyCash&Tax.lnk
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\Users\mobil_2\AppData\Local\CrashRpt
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCash
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\Program Files (x86)\EasyCash&Tax
2014-10-01 08:28 - 2014-10-01 08:29 - 13536304 _____ (tm ) C:\Users\mobil_2\Downloads\ECTSetup.exe
2014-09-30 07:25 - 2014-09-30 07:25 - 01143253 _____ () C:\Users\mobil_2\Downloads\modern2012.zip
2014-09-28 23:45 - 2014-09-28 23:45 - 00000000 ___RD () C:\Users\mobil_2\AppData\Roaming\Brother
2014-09-28 23:19 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-28 23:19 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-28 23:10 - 2014-09-28 23:10 - 00000425 _____ () C:\WINDOWS\BRWMARK.INI
2014-09-28 23:10 - 2014-09-28 23:10 - 00000027 _____ () C:\WINDOWS\BRPP2KA.INI
2014-09-28 22:58 - 2014-09-28 22:58 - 00000000 ____D () C:\ProgramData\Brother
2014-09-25 09:39 - 2014-09-25 09:39 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\NVIDIA
2014-09-23 20:22 - 2014-09-23 20:22 - 00000956 _____ () C:\Users\mobil_2\Desktop\Top-Faktura 7.0.lnk
2014-09-23 20:22 - 2014-09-23 20:22 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Top-Faktura 7.0
2014-09-23 20:22 - 2014-09-23 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Top-Faktura 7.0
2014-09-23 20:22 - 2014-09-23 20:22 - 00000000 ____D () C:\Program Files (x86)\TopFakt7
2014-09-23 20:22 - 2014-09-23 20:22 - 00000000 ____D () C:\Program Files (x86)\Gemeinsame Dateien
2014-09-23 13:10 - 2014-09-23 13:10 - 00000000 ____D () C:\Users\mobil_2\AppData\Local\Adobe
2014-09-22 13:21 - 2014-09-22 13:21 - 00000000 ____D () C:\ProgramData\LHService
2014-09-22 10:25 - 2014-09-22 10:25 - 06626832 _____ (TeamViewer GmbH) C:\Users\mobil_2\Downloads\TeamViewer_Setup_de.exe
2014-09-22 10:24 - 2014-09-22 10:24 - 04972848 _____ (TeamViewer) C:\Users\mobil_2\Downloads\TeamViewerQS_de.exe
2014-09-22 10:24 - 2014-09-22 10:24 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\TeamViewer
2014-09-21 20:06 - 2014-09-21 20:06 - 04464640 _____ (HTTrack ) C:\Users\mobil_2\Downloads\httrack_x64-3.48.19.exe
2014-09-20 16:07 - 2014-09-20 16:07 - 00000000 ____D () C:\Users\mobil_2\Downloads\e-a_excel-rechner
2014-09-20 16:06 - 2014-09-20 16:06 - 00095037 _____ () C:\Users\mobil_2\Downloads\e-a_excel-rechner.zip
2014-09-20 15:22 - 2014-09-22 13:21 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-20 15:22 - 2014-09-22 11:14 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-09-20 15:22 - 2014-09-20 15:22 - 01106472 _____ (NCH Software) C:\Users\mobil_2\Downloads\easetupfree.exe
2014-09-20 14:59 - 2014-09-23 20:22 - 00000000 ____D () C:\BDE401
2014-09-20 14:59 - 2014-09-20 14:59 - 00000932 _____ () C:\Users\mobil_2\Desktop\Top-EA 4.0.lnk
2014-09-20 14:59 - 2014-09-20 14:59 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Top-EA 4.0
2014-09-20 14:59 - 2014-09-20 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Top-EA 4.0
2014-09-20 14:59 - 2014-09-20 14:59 - 00000000 ____D () C:\Program Files (x86)\TopEA4
2014-09-20 14:58 - 2014-09-20 14:58 - 00000000 ____D () C:\Program Files (x86)\Amicron-Faktura 8.5
2014-09-17 13:50 - 2014-09-17 13:50 - 00063053 _____ () C:\Users\mobil_2\Downloads\20140917-100171065-umsatz.csv
2014-09-17 10:23 - 2014-09-17 10:23 - 00000053 _____ () C:\Users\mobil_2\Downloads\googlea8d75f47a0e46238.html
2014-09-16 07:25 - 2014-09-16 07:25 - 00000600 _____ () C:\Users\mobil_2\AppData\Local\PUTTY.RND
2014-09-14 15:04 - 2014-10-02 23:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-05 07:38 - 2014-10-04 05:15 - 00277122 _____ () C:\Users\mobil_2\AppData\Local\census.cache
2014-09-05 07:38 - 2014-10-04 05:15 - 00116047 _____ () C:\Users\mobil_2\AppData\Local\ars.cache
2014-09-05 07:24 - 2014-09-05 07:24 - 00000036 _____ () C:\Users\mobil_2\AppData\Local\housecall.guid.cache
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-05 10:53 - 2014-07-18 13:23 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3144644184-4217118365-2383263394-1003
2014-10-05 10:48 - 2014-07-18 19:08 - 00012533 _____ () C:\WINDOWS\setupact.log
2014-10-05 10:48 - 2014-07-18 15:09 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-05 10:48 - 2014-07-18 13:18 - 00000000 ____D () C:\Users\mobil_2
2014-10-05 10:43 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-05 10:42 - 2014-07-18 10:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-05 02:55 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-05 02:55 - 2014-03-18 11:25 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-05 02:55 - 2014-03-18 11:25 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-05 02:26 - 2014-07-18 15:09 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 02:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-04 07:51 - 2013-08-22 16:44 - 00433696 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-04 07:36 - 2014-07-18 10:27 - 01967225 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-04 05:55 - 2014-07-31 20:39 - 00000000 ____D () C:\Program Files\Kyocera
2014-10-04 05:55 - 2014-03-18 03:50 - 00022474 _____ () C:\WINDOWS\PFRO.log
2014-10-04 05:32 - 2014-07-18 10:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-03 18:46 - 2014-07-21 22:23 - 00000848 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-10-03 08:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-03 00:25 - 2013-05-15 11:42 - 00000000 ____D () C:\ProgramData\Temp
2014-10-02 23:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-02 23:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-02 23:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-02 23:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-02 23:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-09-29 11:20 - 2014-07-18 15:21 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\FreeFileSync
2014-09-28 23:28 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-28 23:23 - 2014-07-17 11:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-23 13:12 - 2014-07-31 19:35 - 00000000 ____D () C:\Users\mobil_2\AppData\Local\Unity
2014-09-22 13:22 - 2014-08-01 08:49 - 00000000 ____D () C:\Program Files\LockHunter
2014-09-21 19:19 - 2014-07-18 15:01 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\FileZilla
2014-09-21 19:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-09-20 14:59 - 2014-07-18 13:18 - 00000000 ____D () C:\Users\mobil_2\AppData\Local\VirtualStore
2014-09-20 10:36 - 2014-07-18 15:09 - 00000000 ____D () C:\Users\mobil_2\AppData\Local\Google
2014-09-20 10:36 - 2014-07-18 15:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 18:27 - 2014-07-18 15:03 - 00000000 ____D () C:\Users\mobil_2\AppData\Roaming\vlc
2014-09-14 15:05 - 2014-07-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\mobil_2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\mobil_2\AppData\Local\Temp\ochelper.dll
C:\Users\mobil_2\AppData\Local\Temp\ochelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-01 07:34
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2014 01
Ran by mobil_2 at 2014-10-05 10:53:34
Running from F:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee 6.0 Standard (HKLM-x32\...\{A460B835-CF65-4753-A506-227A6E12C0E3}) (Version: 6.0.2 - ACD Systems Ltd.)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3017 - Acer Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{6F33B065-4478-44EE-8E5F-A40BBD61619F}) (Version: 20.2.45.72438 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.2.45.72438 - Alcor Micro Corp.) Hidden
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang CZ (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (x32 Version: 14.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - Lang PL (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang SU (x32 Version: 14.0 - Yrityksen nimi) Hidden
CorelDRAW Graphics Suite X4 - Lang SV (x32 Version: 14.0 - Ditt företagsnamn) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)
Data Lifeguard Diagnostic for Windows 1.27 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 6.5 (HKLM-x32\...\EaseUS Todo Backup Free 6.5_is1) (Version: 6.5 - CHENGDU YIWO Tech Development Co., Ltd)
EasyCash&Tax 2.14 (HKLM-x32\...\EasyCash&Tax_is1) (Version: - tm)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
FreeFileSync 6.7 (HKLM-x32\...\FreeFileSync) (Version: 6.7 - Zenju)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.2 - G DATA Software AG)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3007 - Acer Incorporated)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3005 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
klickTel OEM Frühjahr 2012 (HKLM-x32\...\{D8F10EFC-6688-4BE8-8318-44AE4F972548}) (Version: 1.00.0000 - telegate MEDIA AG)
MAGIX Screenshare (HKLM-x32\...\{A95E668D-5B58-43E4-9E10-BFF43E943AEB}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{F5CA1223-2B80-4901-AB52-1595A7DE13D1}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 17 Plus Sonderedition (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.12.2 - MAGIX AG)
MAGIX Video deluxe 17 Plus Sonderedition (x32 Version: 10.0.12.2 - MAGIX AG) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Expression Web 4 (x32 Version: 4.0.1460.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller-Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 311.06 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39039 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
StreamTransport version: 1.1.6.2 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Top-EA 4.0 (c) Amicron Software (HKLM-x32\...\Top-EA 3.0) (Version: - )
Top-Faktura 7.0 business edition (c) Amicron Software (HKLM-x32\...\Top-Faktura 7.0 business edition) (Version: - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Wise Registry Cleaner 8.23 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.23 - WiseCleaner.com, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-10-2014 04:56:02 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0661E145-8165-45E2-818F-B452CE5E1B87} - System32\Tasks\{CCD7796C-15A1-4D75-9FE6-0D1D3BCF6008} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.59.187&LastError=404
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FE9285D-CDE4-466A-92F8-F887214BC768} - System32\Tasks\{420DCB07-8285-486B-A73F-080419726950} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/abandoninstall?page=tsPlugin
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21653024-AF23-4A39-98DA-39D155A8C54B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2A8987B1-FC29-4902-AFCE-51E65C1ABAE9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-29] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3AE37246-8A22-4B20-8460-2F08152905D5} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-04-02] (Acer Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D6729D4-A99D-4C7A-A273-7BADD0AC6774} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BC4961E-113B-48E1-A201-0DAF318C4FA6} - System32\Tasks\{B5BC3209-0B01-4CEA-B964-60BAA52E695B} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.59.187/de/eula?source=lightinstaller
Task: {4FA4BC7E-8652-4F1B-8245-54116112A604} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {52E7EAE9-C055-41F2-85E8-99044A09E080} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {5B7DDEE6-5E9C-4E13-9142-BCAD0FF48423} - System32\Tasks\{E9D94291-A814-4C18-9D2B-CB38F1B3EFA6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.59.187&LastError=404
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B35EC35-DED5-4EB7-B9DE-0E609B2BF2B3} - System32\Tasks\{2F47C6EE-6E8E-4CAC-93A6-F53F1FFFED72} => Firefox.exe hxxp://ui.skype.com/ui/0/6.18.59.106/de/abandoninstall?page=tsMain
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {717EB07A-C83F-4A48-BFC3-744305CB5CC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC4D7B7C-3C14-4DBA-B3F2-E0840AAC88D2} - System32\Tasks\{ABC8465A-58C1-4426-B5EA-0ED926E57BFD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.59.187/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2014-07-19 01:27 - 2013-11-14 14:59 - 00031304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2014-07-19 01:27 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2014-07-19 01:27 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2014-07-19 01:27 - 2014-01-13 18:06 - 00105544 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00192072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2014-07-19 01:27 - 2013-12-23 11:01 - 00281672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00192584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2014-07-19 01:27 - 2013-10-22 17:31 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2014-07-19 01:27 - 2013-12-24 17:42 - 00017992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-07-19 01:27 - 2013-09-04 11:19 - 00249928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\uexper.dll
2014-04-25 07:25 - 2013-03-12 07:20 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TrayServer"
========================= Accounts: ==========================
Administrator (S-1-5-21-3144644184-4217118365-2383263394-500 - Administrator - Disabled)
Gast (S-1-5-21-3144644184-4217118365-2383263394-501 - Limited - Disabled)
mobil_2 (S-1-5-21-3144644184-4217118365-2383263394-1003 - Administrator - Enabled) => C:\Users\mobil_2
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/05/2014 02:16:39 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 36864 (0x0000000000009000) für 4096 (0x00001000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:15:05 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 32768 (0x0000000000008000) für 32768 (0x00008000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:14:03 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:10:38 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 32768 (0x0000000000008000) für 32768 (0x00008000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:09:35 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:09:15 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 32768 (0x0000000000008000) für 32768 (0x00008000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/05/2014 02:08:06 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1404) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/04/2014 08:34:44 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1500) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 32768 (0x0000000000008000) für 32768 (0x00008000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/04/2014 08:33:13 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1500) SRUJet: Versuch, aus Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu lesen, ist nach svchost0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Leseoperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/04/2014 08:31:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14211.177, Zeitstempel: 0x53d842e7
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.3.9600.16384, Zeitstempel: 0x52157dee
Ausnahmecode: 0xc0020043
Fehleroffset: 0x0005183c
ID des fehlerhaften Prozesses: 0xd34
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3
Vollständiger Name des fehlerhaften Pakets: AVKProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKProxy.exe5
System errors:
=============
Error: (10/05/2014 10:46:37 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1068GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095}
Error: (10/05/2014 10:46:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "G DATA Personal Firewall" ist vom Dienst "G DATA Dateisystem Wächter" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053
Error: (10/05/2014 10:46:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G DATA Dateisystem Wächter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/05/2014 10:46:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G DATA Dateisystem Wächter erreicht.
Error: (10/05/2014 10:43:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "G DATA Dateisystem Wächter" ist vom Dienst "G DATA Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053
Error: (10/05/2014 10:43:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G DATA Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/05/2014 10:43:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G DATA Scanner erreicht.
Error: (10/05/2014 10:39:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys
Error: (10/05/2014 10:43:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.10.2014 um 03:08:44 unerwartet heruntergefahren.
Error: (10/05/2014 02:36:10 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys
Microsoft Office Sessions:
=========================
Error: (10/05/2014 02:16:39 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat36864 (0x0000000000009000)4096 (0x00001000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:15:05 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat32768 (0x0000000000008000)32768 (0x00008000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:14:03 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat0 (0x0000000000000000)65536 (0x00010000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:10:38 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat32768 (0x0000000000008000)32768 (0x00008000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:09:35 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat0 (0x0000000000000000)65536 (0x00010000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:09:15 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat32768 (0x0000000000008000)32768 (0x00008000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/05/2014 02:08:06 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat0 (0x0000000000000000)65536 (0x00010000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/04/2014 08:34:44 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1500SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat32768 (0x0000000000008000)32768 (0x00008000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/04/2014 08:33:13 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost1500SRUJet: C:\WINDOWS\system32\SRU\SRUDB.dat0 (0x0000000000000000)65536 (0x00010000)-1022 (0xfffffc02)1117 (0x0000045d)Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. 0.020
Error: (10/04/2014 08:31:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKProxy.exe1.5.14211.17753d842e7RPCRT4.dll6.3.9600.1638452157deec00200430005183cd3401cfdf984c85839aC:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exeC:\WINDOWS\SYSTEM32\RPCRT4.dll175ea7d5-4b90-11e4-be8c-448a5b9794ca
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 13%
Total physical RAM: 8116.6 MB
Available physical RAM: 7023.61 MB
Total Pagefile: 9972.6 MB
Available Pagefile: 8490.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:101.09 GB) (Free:47.27 GB) NTFS
Drive d: () (Fixed) (Total:813.54 GB) (Free:418.45 GB) NTFS
Drive f: (DISC) (Removable) (Total:7.52 GB) (Free:4.43 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9616D01E)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 37089E90)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
==================== End Of Log ============================ soll ich jetzt "FIX" ausführen oder sieht es aus als ob die Platte wirklich einen Defekt hat? |