| guentherw | 27.10.2014 22:32 |
frst
danke schrauber. habe avast scan im booten abgebrochen infizierte msiexec.exe nicht in container verschoben. weitergebootet
mit # einfügen? funktionierte nicht. habe reinkopiert. bitte um weitere anleitungen. danke
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by ***** (administrator) on **** on 27-10-2014 19:31:10
Running from C:\Users\g.****\Downloads
Loaded Profile: g.**** (Available profiles: Admin & g.****)
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Avira Security Management Center Agent\agent.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Users\g.****\Qtrax\Player\Notification.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768 2011-10-10] (Avira GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-10] (APN)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-26] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1611584 2014-10-21] (Spigot, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [QtraxNotification] => C:\Users\g.****\Qtrax\Player\Notification.exe [118568 2013-07-29] ()
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [dvgtesp] => regsvr32.exe "
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [temhbwj] => regsvr32.exe "
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [syskey] => "C:\Users\g.****\AppData\Roaming\Microsoft\Windows\IEUpdate\syskey.exe"
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Run: [dccw] => "C:\Users\g.****\AppData\Roaming\Microsoft\Windows\IEUpdate\dccw.exe"
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\Policies\Explorer: [Run] "C:\Users\g.****\AppData\Roaming\Microsoft\Windows\IEUpdate\taskkill.exe"
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\MountPoints2: {53c3c635-92c1-11e1-a744-74f06dd08b0f} - F:\AutoRun.exe
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\MountPoints2: {53c3c646-92c1-11e1-a744-74f06dd08b0f} - F:\AutoRun.exe
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\MountPoints2: {88f8fb3f-dc02-11e2-97c7-74f06dd08b0f} - F:\AutoRun.exe
HKU\S-1-5-21-347766451-462584187-1723808825-1336\...\MountPoints2: {e1a9d4c5-cf35-11e2-8119-001e101f1843} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\g.****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dccw.lnk
ShortcutTarget: dccw.lnk -> C:\Users\g.****\AppData\Roaming\Microsoft\Windows\IEUpdate\dccw.exe (No File)
Startup: C:\Users\g.****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\g.****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\syskey.lnk
ShortcutTarget: syskey.lnk -> C:\Users\g.****\AppData\Roaming\Microsoft\Windows\IEUpdate\syskey.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.0\pdfforgeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {B1339902-CA3D-4754-804E-9ADA9F8C0B60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1786F5B0-C834-422C-8C92-083E850EAF86} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^YYYYYY^YY^DE&apn_uid=23425EC2-0913-4994-A6D7-1BD0FDBEA40C&apn_sauid=02A4D7D1-273D-4297-AE29-174AF6CD12F7
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - {B1339902-CA3D-4754-804E-9ADA9F8C0B60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files (x86)\pdfforge Toolbar\IE\10.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DealPly -> {EF7BD87A-8024-11E2-F316-F3E56188709B} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.0\pdfforgeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37AD93E9-DA1F-42F5-B753-DF45F69A9B77}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{82967B91-DF95-410D-B46F-471B9D5EB0E9}: [NameServer] 141.30.93.226,141.30.93.135
Tcpip\..\Interfaces\{95EB8C15-CF4D-4ABD-B403-83F82E2B4627}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{B4155EBF-E4A0-424F-98CC-A39EA1453FB3}: [NameServer] 193.189.244.225 193.189.244.206
FireFox:
========
FF ProfilePath: C:\Users\g.****\AppData\Roaming\Mozilla\Firefox\Profiles\s8x6rwk3.default-1399060898605
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-26]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-04-04]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\g.****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U34) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.340.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\g.****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Toolbar) - C:\Users\g.****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-04-21]
CHR Extension: (Wajam) - C:\Users\g.****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-04-23]
CHR Extension: (Skype Click to Call) - C:\Users\g.****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-09]
CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx [2014-10-15]
CHR HKLM\...\Chrome\Extension: [dleekdifoepfadaikncodjgnkkffkccd] - C:\Users\GC395~1.WEI\AppData\Local\BostonMarketOne.crx [2013-07-29]
CHR HKLM\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\GC395~1.WEI\AppData\Local\InfoBirdPro.crx [2013-08-19]
CHR HKLM\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\GC395~1.WEI\AppData\Local\FastDiscountz.crx [2013-09-04]
CHR HKCU\...\Chrome\Extension: [dleekdifoepfadaikncodjgnkkffkccd] - C:\Users\GC395~1.WEI\AppData\Local\BostonMarketOne.crx [2013-07-29]
CHR HKCU\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\GC395~1.WEI\AppData\Local\InfoBirdPro.crx [2013-08-19]
CHR HKCU\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\GC395~1.WEI\AppData\Local\FastDiscountz.crx [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [dleekdifoepfadaikncodjgnkkffkccd] - C:\Users\GC395~1.WEI\AppData\Local\BostonMarketOne.crx [2013-07-29]
CHR HKLM-x32\...\Chrome\Extension: [fmfnfnpmhcllokmkepffndflpnadjmma] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-04-23]
CHR HKLM-x32\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\GC395~1.WEI\AppData\Local\InfoBirdPro.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\g.****\AppData\Local\Wajam\Chrome\wajam.crx [2013-04-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\GC395~1.WEI\AppData\Local\FastDiscountz.crx [2013-09-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 AntiVir Security Management Center Agent; C:\Program Files (x86)\Avira\Avira Security Management Center Agent\agent.exe [1131777 2012-12-25] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [340136 2011-10-10] (Avira GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360 2011-10-10] (Avira GmbH)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480 2011-10-10] (Avira GmbH)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [428200 2011-10-10] (Avira GmbH)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-26] (AVAST Software)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8551272 2009-12-08] (DisplayLink Corp.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-04-04] (Wajam) [File not signed] <==== ATTENTION
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-26] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88288 2011-10-10] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [123784 2011-10-10] (Avira GmbH)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [17408 2011-09-16] (hxxp://libusb-win32.sourceforge.net)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2010-05-11] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-05-11] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\USBMAC64.SYS [55296 2009-12-08] (--)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-27 19:31 - 2014-10-27 19:32 - 00030664 _____ () C:\Users\g.****\Downloads\FRST.txt
2014-10-27 19:30 - 2014-10-27 19:31 - 00000000 ____D () C:\FRST
2014-10-27 19:29 - 2014-10-27 19:29 - 02113024 _____ (Farbar) C:\Users\g.****\Downloads\FRST64.exe
2014-10-26 00:16 - 2014-10-26 00:16 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar
2014-10-26 00:16 - 2014-10-26 00:16 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-10-26 00:15 - 2014-10-26 00:15 - 00000000 ____D () C:\Users\g.****\AppData\Roaming\AVAST Software
2014-10-26 00:06 - 2014-10-26 00:06 - 00279704 _____ () C:\Windows\Minidump\102614-27393-01.dmp
2014-10-26 00:04 - 2014-10-27 19:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-26 00:03 - 2014-10-26 00:04 - 36818984 _____ (Dropbox, Inc.) C:\Users\Public\Desktop\DropboxInstallerAvast.exe
2014-10-26 00:02 - 2014-10-26 00:01 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-26 00:02 - 2014-10-26 00:01 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-26 00:02 - 2014-10-26 00:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-26 00:02 - 2014-10-26 00:00 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-26 00:01 - 2014-10-26 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-25 23:57 - 2014-10-25 23:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-25 23:49 - 2014-10-25 23:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-25 23:37 - 2014-10-25 23:41 - 131078000 _____ (AVAST Software) C:\Users\g.****\Downloads\avast_free_antivirus_setup.exe
2014-10-25 22:54 - 2014-10-25 22:54 - 00000000 _____ () C:\Users\g.****\AppData\Local\{2CE96A2B-4C66-4F8D-9508-A214B17D435E}
2014-10-25 18:06 - 2014-10-25 18:06 - 00857251 _____ () C:\Users\g.****\Downloads\Anhänge_20141025(1).zip
2014-10-25 18:05 - 2014-10-25 18:06 - 00417680 _____ () C:\Users\g.****\Downloads\Anhänge_20141025.zip
2014-10-24 02:21 - 2014-10-26 00:12 - 00000000 ____D () C:\Users\g.****\AppData\Roaming\Ehafas
2014-10-24 02:19 - 2014-10-26 00:12 - 00000000 ___HD () C:\Users\g.****\AppData\Roaming\2EB42334
2014-10-23 14:33 - 2014-10-23 14:33 - 00000000 ____D () C:\Users\g.****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-10-22 16:37 - 2014-10-22 16:37 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-22 16:37 - 2014-10-22 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-22 02:02 - 2014-10-24 01:37 - 00000000 ____D () C:\Users\g.****\AppData\Local\Deployment
2014-10-22 02:02 - 2014-10-22 02:02 - 00000000 ____D () C:\Users\g.****\AppData\Local\Apps\2.0
2014-10-21 22:38 - 2014-10-21 22:38 - 08088762 _____ () C:\Users\g.****\Downloads\Anhänge_20141021.zip
2014-10-16 13:48 - 2014-10-16 13:48 - 17323696 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-27 19:32 - 2011-03-08 05:28 - 01717745 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 19:21 - 2011-10-10 11:20 - 00000000 ____D () C:\Users\g.****\AppData\Roaming\Skype
2014-10-27 19:21 - 2009-07-14 05:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 19:21 - 2009-07-14 05:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-27 19:16 - 2009-08-04 12:10 - 00670962 _____ () C:\Windows\system32\perfh007.dat
2014-10-27 19:16 - 2009-08-04 12:10 - 00135402 _____ () C:\Windows\system32\perfc007.dat
2014-10-27 19:16 - 2009-07-14 06:13 - 01537866 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-27 19:12 - 2014-06-11 16:11 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-10-27 19:12 - 2011-09-16 15:58 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2014-10-27 19:10 - 2011-03-08 05:42 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 19:09 - 2012-06-20 14:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-27 19:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 19:08 - 2011-03-08 06:05 - 06465456 _____ () C:\Windows\PFRO.log
2014-10-27 19:08 - 2009-07-14 05:51 - 00097852 _____ () C:\Windows\setupact.log
2014-10-26 00:07 - 2011-03-08 06:21 - 00002224 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-10-26 00:07 - 2011-03-08 06:21 - 00001433 _____ () C:\Windows\system32\ServiceFilter.ini
2014-10-26 00:06 - 2013-07-02 11:34 - 603053953 _____ () C:\Windows\MEMORY.DMP
2014-10-26 00:06 - 2013-07-02 11:34 - 00000000 ____D () C:\Windows\Minidump
2014-10-26 00:06 - 2013-04-23 15:32 - 00000300 _____ () C:\Windows\Tasks\DSite.job
2014-10-26 00:04 - 2011-03-08 05:42 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-25 23:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-10-25 23:52 - 2013-07-02 16:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-25 23:35 - 2014-02-14 00:35 - 00000306 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-25 23:35 - 2013-07-29 14:35 - 00000093 _____ () C:\Users\g.****\AppData\Roaming\WB.CFG
2014-10-25 23:05 - 2013-04-24 23:02 - 00000000 ____D () C:\Users\g.****\AppData\Local\CUSTPDF Writer
2014-10-25 22:49 - 2011-09-16 15:54 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-24 22:56 - 2014-06-11 11:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-22 16:37 - 2011-10-10 11:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-22 16:37 - 2011-10-10 11:20 - 00000000 ____D () C:\ProgramData\Skype
2014-10-18 11:29 - 2011-03-08 05:42 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 11:29 - 2011-03-08 05:42 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 13:48 - 2013-07-02 16:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-16 13:48 - 2012-04-23 12:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-16 13:48 - 2012-01-18 02:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 13:06 - 2013-04-23 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\MSN254E.exe
C:\Users\Administrator\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 21:47
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by g.**** at 2014-10-27 19:33:53
Running from C:\Users\g.****\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AntiVir Desktop (Disabled - Out of date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Disabled - Out of date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
AFORS-HET 2.4.1 (HKLM-x32\...\AFORS-HET_is1) (Version: - Helmholtz-Zentrum Berlin)
Ask Shopping Toolbar (HKLM-x32\...\{4F524A00-6A76-A76A-76A7-A758B70C1200}) (Version: 12.18.0.89 - APN, LLC) <==== ATTENTION
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.41 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Avira AntiVir Professional (HKLM-x32\...\Avira AntiVir Desktop) (Version: 10.2.0.1064 - Avira GmbH)
Avira Security Management Center Agent (HKLM-x32\...\{F3493E2F-B147-4EDD-9AE2-5DEDB8776232}) (Version: - Avira GmbH)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.)
Bootstrapper (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.61 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DealPly (HKCU\...\DealPly) (Version: - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.6.1 - DealPly Technologies Ltd.) <==== ATTENTION
DisplayLink Core Software (HKLM\...\{34000989-17D6-4271-9800-D78CF94B3BED}) (Version: 5.2.22617.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{DB6D5CB2-92FF-4B41-98AA-54C62C926E83}) (Version: 5.2.22826.0 - DisplayLink Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.7 - ASUS)
FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Free DWG Viewer 7.0 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.0.1 - IGC)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216034FF}) (Version: 6.0.370 - Oracle)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.1 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.2.1.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.2.1.0 - Minitab, Inc.) Hidden
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.02.705 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
PDF Creator (HKLM\...\PDF Creator) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v10.0 (HKLM-x32\...\{B9653183-1A31-40AE-A38E-98AF27EA5B0E}) (Version: 10.0 - Spigot, Inc.) <==== ATTENTION
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.)
Qtrax Connection Manager (HKCU\...\Qtrax Connection Manager) (Version: 20.13.07.02 - Qtrax Inc)
Qtrax Player (HKCU\...\2629563060.portal.qtrax.com) (Version: - portal.qtrax.com)
Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
STP Viewer 2.3 (HKLM-x32\...\{CECCF8B1-F595-4845-9AA6-1EC57B9BECBA}_is1) (Version: - IdeaMK)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Update for PDF Creator (HKCU\...\DSite) (Version: - ) <==== ATTENTION
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
USB-Ethernet Adapter Device (HKLM\...\USB-Ethernet Adapter Device) (Version: - )
Wajam (HKLM-x32\...\Wajam) (Version: 1.76 - Wajam) <==== ATTENTION
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2012-03-30 15:41 - 00000848 ____A C:\Windows\system32\Drivers\etc\hosts
server01 10.80.240.8
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {199F694F-1F73-4C29-8460-D1D17CF0473A} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-10-15] (ASUS)
Task: {1CFE1816-0ADE-46C4-9098-A5D1BA7AD337} - System32\Tasks\DSite => C:\Users\g.****\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-04-23] () <==== ATTENTION
Task: {1DC43702-0414-4A71-886A-DBDB51BE4792} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {407C5DC9-0B7B-4619-91AA-629C5C5CDA7E} - System32\Tasks\Digital Sites => C:\Users\GC395~1.WEI\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {41236232-A183-4D05-BFA3-1C0522B91544} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-26] (AVAST Software)
Task: {48A2D53D-A977-4528-AB9D-9F7CCCD0C2D9} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {5A254883-3B20-45DB-B4AD-2C65E1E8242C} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-12] ()
Task: {5ADEBF77-533D-419F-A0D3-1D680F36060F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {612C6DC8-F1AB-41D7-B320-7316C739DA0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-16] (Adobe Systems Incorporated)
Task: {6663CCD4-A2B1-482F-8109-C1F3987A5249} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {66900E75-FE77-4146-84F8-3B50C35EA902} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {960F4542-7743-4E93-87E2-880A9DB261C7} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {A5D55876-4AD7-4E9F-8C78-627EFCB29E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {AFD0E19F-FDCB-4086-9400-D6C0FACE4A8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {B9F1E749-5232-43D7-A81B-CB8920AAD0CA} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-10-01] (asus)
Task: {D2D0B001-178A-4E73-8824-A8C59565BA04} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {D5B2A4FE-307E-43AC-8999-358EA080D05D} - System32\Tasks\DealPlyUpdate => C:\Program <==== ATTENTION
Task: {DFB554F2-2CFB-4F0A-9440-5FDAA72708C3} - System32\Tasks\DealPly => C:\Users\g.****\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-02-27] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\GC395~1.WEI\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\GC395~1.WEI\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-23 15:33 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2011-10-24 11:39 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-07-09 15:01 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2010-05-12 02:35 - 2010-05-12 02:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-03-08 06:22 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-03-16 02:48 - 2010-03-16 02:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2011-03-08 05:55 - 2011-03-08 05:55 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2011-03-08 05:55 - 2011-03-08 05:55 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-03-16 02:48 - 2010-03-16 02:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2013-07-08 13:32 - 2013-07-29 13:40 - 00118568 _____ () C:\Users\g.****\Qtrax\Player\Notification.exe
2010-03-12 05:14 - 2010-03-12 05:14 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2014-10-26 00:08 - 2014-10-26 00:08 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102501\algo.dll
2014-10-27 19:10 - 2014-10-27 19:10 - 02898432 _____ () C:\Program Files\AVAST Software\Avast\defs\14102700\algo.dll
2011-10-10 10:03 - 2011-10-10 10:03 - 00355688 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-10-10 10:01 - 2011-12-01 11:36 - 00126721 _____ () C:\Program Files (x86)\Avira\Avira Security Management Center Agent\SCEWXMLW.dll
2014-06-11 16:10 - 2013-02-28 15:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-06-11 16:10 - 2013-07-15 15:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-06-11 16:10 - 2013-02-28 15:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-10-01 00:13 - 2010-10-01 00:13 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-10-01 00:13 - 2010-10-01 00:13 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-10-01 00:14 - 2010-10-01 00:14 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-10-01 00:13 - 2010-10-01 00:13 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2014-10-26 00:01 - 2014-10-26 00:01 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-06-11 11:41 - 2014-10-14 00:49 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-16 13:10 - 2014-10-16 13:10 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
========================= Accounts: ==========================
Admin (S-1-5-21-1122509215-102311790-3122138105-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1122509215-102311790-3122138105-500 - Administrator - Disabled)
Gast (S-1-5-21-1122509215-102311790-3122138105-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/25/2014 11:57:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\GC395~1.WEI\AppData\Local\Temp\_av_iup.tm~a12076\instup.exe /edition:1 /prod:ais /sfx /sfxstorage:C:\Users\GC395~1.WEI\AppData\Local\Temp\_av_iup.tm~a12076 ; Beschreibung = avast! antivirus system restore point; Fehler = 0x80070422).
Error: (10/25/2014 10:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ereg.exe, Version: 5.2.0.2, Zeitstempel: 0x490ecc1a
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c117f
ID des fehlerhaften Prozesses: 0xfc4
Startzeit der fehlerhaften Anwendung: 0xEreg.exe0
Pfad der fehlerhaften Anwendung: Ereg.exe1
Pfad des fehlerhaften Moduls: Ereg.exe2
Berichtskennung: Ereg.exe3
Error: (10/25/2014 07:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0019117f
ID des fehlerhaften Prozesses: 0x196d4
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002117f
ID des fehlerhaften Prozesses: 0x192e4
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008117f
ID des fehlerhaften Prozesses: 0x9e78
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:46:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003117f
ID des fehlerhaften Prozesses: 0x19a94
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:46:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0255117f
ID des fehlerhaften Prozesses: 0x19518
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:45:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 6.0.6.722, Zeitstempel: 0x51ecf147
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000f117f
ID des fehlerhaften Prozesses: 0x19914
Startzeit der fehlerhaften Anwendung: 0xFoxit Reader.exe0
Pfad der fehlerhaften Anwendung: Foxit Reader.exe1
Pfad des fehlerhaften Moduls: Foxit Reader.exe2
Berichtskennung: Foxit Reader.exe3
Error: (10/25/2014 07:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 32.0.3.5379 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11a0c
Startzeit: 01cff06c638b1f69
Endzeit: 8588
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 00a92201-5c72-11e4-9971-74f06dd08b0f
Error: (10/25/2014 07:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xb464
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
System errors:
=============
Error: (10/27/2014 07:16:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (10/27/2014 07:15:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (10/27/2014 07:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/27/2014 07:14:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
Error: (10/27/2014 07:13:22 PM) (Source: TermService) (EventID: 1067) (User: )
Description: Der Terminalserver kann den Dienstprinzipalnamen "TERMSRV", der für die Serverauthentifizierung verwendet werden soll, nicht registrieren. Der folgende Fehler ist aufgetreten: Die angegebene Domäne ist nicht vorhanden, oder es konnte keine Verbindung hergestellt werden.
.
Error: (10/27/2014 07:10:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira AntiVir WebGuard" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (10/27/2014 07:10:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira AntiVir MailGuard" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (10/27/2014 07:09:20 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: *****)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error: (10/27/2014 07:09:07 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error: (10/27/2014 07:09:04 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne SOLAR aufgrund der folgenden
Ursache nicht einrichten:
%%1311
Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.
ZUSÄTZLICHE INFORMATIONEN
Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Microsoft Office Sessions:
=========================
Error: (06/09/2014 04:51:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4138 seconds with 2580 seconds of active time. This session ended with a crash.
Error: (06/09/2014 03:41:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7957 seconds with 1740 seconds of active time. This session ended with a crash.
Error: (06/07/2014 02:10:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32854 seconds with 8880 seconds of active time. This session ended with a crash.
Error: (06/06/2014 05:02:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20089 seconds with 6960 seconds of active time. This session ended with a crash.
Error: (06/05/2014 09:23:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 199097 seconds with 14520 seconds of active time. This session ended with a crash.
Error: (06/04/2014 00:43:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 61835 seconds with 2100 seconds of active time. This session ended with a crash.
Error: (06/03/2014 07:33:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1626 seconds with 540 seconds of active time. This session ended with a crash.
Error: (06/03/2014 00:02:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1446 seconds with 1320 seconds of active time. This session ended with a crash.
Error: (06/02/2014 11:37:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1772 seconds with 1500 seconds of active time. This session ended with a crash.
Error: (05/31/2014 11:26:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25741 seconds with 4080 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 80%
Total physical RAM: 1900.3 MB
Available physical RAM: 379.03 MB
Total Pagefile: 3800.59 MB
Available Pagefile: 1472.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:11.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:202.08 GB) (Free:0.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=202.1 GB) - (Type=OF Extended)
==================== End Of Log ============================
--- --- --- Zitat:
Zitat von schrauber
(Beitrag 1377101)
Beende Avast erstmal. Ich will erst komplett sehen was los ist.
| habe dateien gepostet. danke im voraus für weiteren support
hallo schrauber,
hast Du meine files gesehen?
files gesehen?oder hab ich falsch gepostet?
bitte morgen weitere anweisungen geben. danke
ich hoffe Du siehst meine antworten. |
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: