muffelbirne | 21.11.2014 17:33 | Hallo schrauber,
vielen Dank für die Schnelle Antwort! :)
Als erstes, wie verlangt, die FRST logfile
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by Wolfgang (administrator) on WOLFGANG-PC on 20-11-2014 20:05:30
Running from C:\Users\Wolfgang\Desktop
Loaded Profile: Wolfgang (Available profiles: Wolfgang)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Haufe\iDesk\iDeskService\ideskservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Haufe Mediengruppe) C:\Program Files (x86)\Haufe\iDesk\iDeskService\ideskpython.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AVM Berlin) C:\Users\Wolfgang\AppData\Local\Apps\2.0\1ROBEXO0.CTM\55NJMCEW.YEX\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Wolfgang\AppData\Local\Apps\2.0\1ROBEXO0.CTM\55NJMCEW.YEX\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2013-12-23] (AVM Berlin)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6070040 2013-04-23] (Piriform Ltd)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
ShortcutTarget: Status Monitor.lnk -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3729097478-2049141933-32761983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.chiemgau24.de/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8C46B4D3-8AF9-4DAE-B045-55E4C71227B8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3729097478-2049141933-32761983-1001 -> DefaultScope {95D7463A-98C1-4710-A757-94038A0F805B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3729097478-2049141933-32761983-1001 -> {95D7463A-98C1-4710-A757-94038A0F805B} URL = https://www.google.com/search?q={searchTerms}
BHO: No Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3729097478-2049141933-32761983-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E4CF4E86-D0DC-4864-8F0E-4F6EA2526334} https://img.ui-portal.de/1und1/smartdrive/activex/v1/1und1_de_osupload_2002.cab
Handler: haufereader - No CLSID Value
Hosts: 127.0.0.1 www.nero.com
Tcpip\Parameters: [DhcpNameServer] 192.168.174.1
FireFox:
========
FF ProfilePath: C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF user.js: detected! => C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\user.js
FF Extension: Avira Browser Safety - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\abs@avira.com [2014-10-06]
FF Extension: Amazon-Icon - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\amazon-icon@giga.de [2013-12-05]
FF Extension: pricealarm - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-12-08]
FF Extension: Snap.Do - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\{684775a7-2a0a-44d5-d829-33bbc3d19d6e} [2014-05-03]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-24]
FF Extension: Jump Flip - C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\sbkqw9au.default\Extensions\{cc30460f-753f-44d9-b58c-13dae1321968}.xpi [2014-02-04]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-22]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: No Name - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-18]
Chrome:
=======
CHR Profile: C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-06-11]
CHR Extension: (Freemake Video Converter) - C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-06-11]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-10-21]
CHR Extension: (Amazon-Icon) - C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-06-11]
CHR Extension: (Google Wallet) - C:\Users\Wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Wolfgang\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-05]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AVM IGD CTRL Service; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [81920 2005-11-21] (AVM Berlin) [File not signed]
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-26] (Freemake) [File not signed]
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AC_Service.exe [309568 2014-11-11] (Citrix Online, a division of Citrix Systems, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HRService; C:\Program Files (x86)\Haufe\iDesk\iDeskService\iDeskService.exe [12800 2013-07-03] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116480 2013-10-26] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-10-26] (AVM Berlin)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R1 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [56960 2011-03-06] (Siano)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-09-13] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633552 2012-09-13] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390224 2012-09-13] (Paragon)
S3 cpuz130; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 20:05 - 2014-11-20 20:05 - 00022624 _____ () C:\Users\Wolfgang\Desktop\FRST.txt
2014-11-20 20:05 - 2014-11-20 20:05 - 00000000 ____D () C:\FRST
2014-11-20 20:05 - 2014-11-20 20:03 - 02117120 _____ (Farbar) C:\Users\Wolfgang\Desktop\FRST64.exe
2014-11-20 18:29 - 2014-11-20 18:29 - 00001908 _____ () C:\Windows\avmacc.log
2014-11-15 17:03 - 2014-11-15 17:03 - 00000000 ____D () C:\Users\Wolfgang\Desktop\Beitragserhebung
2014-11-11 19:25 - 2014-11-11 19:25 - 00000000 ____D () C:\Windows\pss
2014-11-11 12:26 - 2014-11-11 12:26 - 00000000 ____D () C:\Users\Wolfgang\AppData\Roaming\Haufe Mediengruppe
2014-11-11 12:26 - 2014-11-11 12:26 - 00000000 ____D () C:\Users\Wolfgang\AppData\Local\Haufe Mediengruppe
2014-11-11 12:25 - 2014-11-11 12:25 - 00002323 _____ () C:\Users\Public\Desktop\BDL - Handbuch für Lohnsteuerhilfevereine starten.lnk
2014-11-11 12:18 - 2014-11-11 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haufe
2014-11-11 12:18 - 2014-11-11 12:18 - 00002875 _____ () C:\Users\Public\Desktop\Haufe Formular-Manager.lnk
2014-11-11 12:17 - 2014-11-11 12:17 - 00000000 ____D () C:\ProgramData\Haufe
2014-11-11 12:17 - 2014-11-11 12:17 - 00000000 ____D () C:\Program Files (x86)\Haufe
2014-11-11 12:03 - 2014-11-11 12:03 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-11-10 14:07 - 2014-11-10 14:07 - 00000879 _____ () C:\Users\Wolfgang\Downloads\032021.xml
2014-11-06 12:07 - 2014-11-06 12:07 - 00164863 _____ () C:\Users\Wolfgang\Desktop\grundbuch.xps
2014-11-06 11:29 - 2014-11-06 11:29 - 00000263 _____ () C:\Users\Wolfgang\Desktop\Grundbuchvollmacht.log
2014-10-29 09:05 - 2014-10-29 09:05 - 00009845 _____ () C:\Users\Wolfgang\Desktop\Ausfuellhilfe-EUER-2013.xlsx
2014-10-22 19:19 - 2014-10-22 19:19 - 00000971 _____ () C:\Users\Public\Desktop\Fotoschau.lnk
2014-10-22 13:24 - 2014-10-22 13:24 - 00003278 _____ () C:\Windows\System32\Tasks\{2E5DC977-4385-4D88-B72E-2F97E121B401}
2014-10-21 17:04 - 2014-10-21 17:04 - 00003002 _____ () C:\Windows\System32\Tasks\{D600B3A4-C1A4-452C-BBF9-ABBFA7473A76}
2014-10-21 17:04 - 2014-10-21 17:04 - 00003002 _____ () C:\Windows\System32\Tasks\{3F6F3834-03FC-4E46-B91C-4AE654C09F5C}
2014-10-21 17:04 - 2014-10-21 17:04 - 00003002 _____ () C:\Windows\System32\Tasks\{254D196D-D10B-43BC-B6C9-BF453902ABCB}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 19:49 - 2012-10-22 12:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 19:31 - 2013-02-15 20:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 19:31 - 2013-02-15 20:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 19:24 - 2014-05-31 20:06 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BE3246C8-555C-4879-9A45-FDA762C7E516}
2014-11-20 18:38 - 2012-11-19 21:07 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-20 18:34 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 18:34 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 18:33 - 2011-04-12 08:43 - 00700358 _____ () C:\Windows\system32\perfh007.dat
2014-11-20 18:33 - 2011-04-12 08:43 - 00149154 _____ () C:\Windows\system32\perfc007.dat
2014-11-20 18:33 - 2009-07-14 06:13 - 01622012 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 18:29 - 2014-06-25 21:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-20 18:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-20 17:51 - 2014-02-11 21:05 - 00000000 ____D () C:\ProgramData\Updater
2014-11-20 11:03 - 2012-10-20 15:38 - 00000518 _____ () C:\Windows\BRWMARK.INI
2014-11-19 17:37 - 2012-10-22 13:09 - 00001240 _____ () C:\Windows\wiso.ini
2014-11-19 15:13 - 2014-10-10 07:20 - 00000000 ____D () C:\Users\Wolfgang\AppData\Roaming\UseNeXT
2014-11-18 07:45 - 2014-07-28 16:47 - 00001262 _____ () C:\Users\Public\Desktop\Steuersoft Servicetool.lnk
2014-11-18 07:45 - 2013-03-16 17:14 - 00001300 _____ () C:\Users\Public\Desktop\Steuersoft Fernwartung.lnk
2014-11-18 07:45 - 2013-03-16 17:14 - 00001277 _____ () C:\Users\Public\Desktop\Steuersoft Datenbankprüfung.lnk
2014-11-18 07:45 - 2012-10-20 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuersoft NX
2014-11-17 12:19 - 2013-10-09 21:28 - 00000000 _____ () C:\ctapi_out_gr.txt
2014-11-15 17:50 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-14 15:04 - 2012-10-29 21:48 - 00004664 _____ () C:\Users\Wolfgang\AppData\Roaming\CMLS16.tst.txt
2014-11-13 19:26 - 2013-02-15 20:19 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 19:26 - 2013-02-15 20:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 08:34 - 2013-10-26 17:01 - 00000000 ____D () C:\Users\Wolfgang\AppData\Local\Deployment
2014-11-12 16:49 - 2012-10-22 12:48 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 16:49 - 2012-10-22 12:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 16:49 - 2012-10-22 12:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 07:20 - 2009-07-14 05:45 - 00471040 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-11 17:58 - 2012-10-20 17:19 - 00128792 _____ () C:\Users\Wolfgang\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-11 12:17 - 2014-01-15 20:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-11 12:05 - 2014-09-20 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 12:05 - 2012-10-21 14:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-11 11:53 - 2012-10-21 19:00 - 00000000 ____D () C:\Users\Wolfgang\AppData\Roaming\vlc
2014-11-11 07:24 - 2014-08-07 07:54 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-11 07:24 - 2013-03-16 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-11 07:24 - 2013-03-16 17:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-08 14:02 - 2013-03-16 17:14 - 00001228 _____ () C:\Users\Public\Desktop\ESt-Plus NX.lnk
2014-11-07 18:16 - 2013-11-16 10:56 - 00000000 ____D () C:\Users\Wolfgang\Desktop\Temp
2014-11-03 16:49 - 2012-10-21 14:26 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-11-03 16:48 - 2012-10-20 15:36 - 00000000 ____D () C:\Users\Wolfgang
2014-11-01 18:44 - 2014-09-08 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2013
2014-10-30 07:53 - 2013-03-13 22:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-30 07:53 - 2013-03-13 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-29 20:54 - 2013-03-13 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-27 14:56 - 2013-01-21 21:57 - 00000000 ____D () C:\Program Files (x86)\svnet
2014-10-24 11:15 - 2012-10-22 13:09 - 00001188 _____ () C:\Users\Wolfgang\AppData\Local\crc32list11.txt
2014-10-23 19:44 - 2014-06-25 21:03 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-23 19:44 - 2014-06-25 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-23 19:44 - 2014-06-25 21:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-22 19:19 - 2014-07-20 18:59 - 00000996 _____ () C:\Users\Public\Desktop\Pixum Fotobuch.lnk
2014-10-22 19:19 - 2012-12-08 23:16 - 00000000 ____D () C:\ProgramData\tmp
2014-10-22 19:10 - 2012-12-08 23:16 - 00000000 ____D () C:\ProgramData\hps
2014-10-22 13:24 - 2013-01-21 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\svnet
2014-10-21 06:42 - 2014-06-11 08:20 - 00000000 ____D () C:\Users\Wolfgang\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\Wolfgang\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 12:22
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
Und auch die Addition logfile Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by Wolfgang at 2014-11-20 20:05:48
Running from C:\Users\Wolfgang\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
5700_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.377 - ArcSoft)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A06}) (Version: 12.10.6.48 - APN, LLC) <==== ATTENTION
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.31.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.4.57710 - Ask.com) <==== ATTENTION
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Avery Zweckform Assistent 3.1 (HKLM-x32\...\InstallShield_{EB7A2041-6A16-4BAC-8079-43B985673C2C}) (Version: 3.1.0.2153 - Avery)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - )
AVM FRITZ!DSL (HKLM-x32\...\FRITZ!DSL) (Version: - )
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - )
BDL - Handbuch für Lohnsteuerhilfevereine (HKLM-x32\...\{28f7ae67-d7ac-4435-a5b0-a52bc2d4d4e2}) (Version: 18.1.0.0 - Haufe-Lexware)
BDL - Handbuch für Lohnsteuerhilfevereine (x32 Version: 18.01.00.0000 - Haufe-Lexware GmbH Co.KG) Hidden
BMWi Businessplan (HKLM-x32\...\de.bmwi.businessplan) (Version: 1.4.0 - Bundesministerium für Wirtschaft und Energie)
BMWi Businessplan (x32 Version: 1.4.0 - Bundesministerium für Wirtschaft und Energie) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Brother P-touch Editor 5.0 (HKLM-x32\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.110 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.110 - Brother Industries, Ltd.) Hidden
Brother P-touch Software User's Guide (HKLM-x32\...\InstallShield_{FD525A47-5E7A-4970-A896-C520E270B079}) (Version: 1.00.0000 - Brother Industries, Ltd.)
Brother P-touch Software User's Guide (x32 Version: 1.00.0000 - Brother Industries, Ltd.) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cryptonify 2.0.1 (HKLM-x32\...\Cryptonify_0) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - CHIP.de)
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
ELAXY Baufinanzierungssystem (HKLM-x32\...\{B2A34FA7-9E17-11D5-A7CD-00A024CC8A1B}) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular 13.0.0.8086k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eSpeak version 1.47.11 (HKLM-x32\...\eSpeak_is1) (Version: - )
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.1.0.1055 - Citrix Online, a division of Citrix Systems, Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2014.01.01 - www.hardcopy.de)
Haufe Formular-Manager (x32 Version: 13.09.01.0001 - Haufe-Lexware GmbH & Co. KG) Hidden
Haufe iDesk-Browser (x32 Version: 13.07.23.0001 - Haufe-Lexware GmbH & Co. KG) Hidden
Haufe iDesk-Service (x32 Version: 14.03.01.0197 - Haufe-Lexware GmbH & Co. KG) Hidden
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HKVertrag 2.04 (HKLM-x32\...\HKVertrag_is1) (Version: - Horst Kirchberg - Softwareentwicklung)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP OfficeJet J5700 (HKLM\...\{D3A65B0A-403B-4C20-A488-BFED2BC5D2EF}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
J5700 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
mapserver 5 COM-Module (HKLM-x32\...\{5C4AE262-DA69-4C68-BF71-7C2C935BE9C2}) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MD86351 driver install (HKLM-x32\...\InstallShield_{8F09C270-2407-4EC5-9AA3-E0735EC745C6}) (Version: 6.3.6.1 - Ihr Firmenname)
MD86351 driver install (x32 Version: 6.3.6.1 - Ihr Firmenname) Hidden
Mein Büro (HKLM-x32\...\{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1) (Version: 14.0 - Buhl Data Service GmbH)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Miniplan 3.1.6 (HKLM-x32\...\2476-8030-0924-5048) (Version: 3.1.6 - LucaNet AG)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\MyFreeCodec) (Version: - )
Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OptimizerPro (HKLM\...\{9A21CB52-7CDB-71E6-930D-34F941C2E9A4}) (Version: 1.0 - PC Utilities Pro) <==== ATTENTION
Paragon Backup and Recovery™ 2013 Plus Edition (HKLM-x32\...\{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}) (Version: 90.00.0003 - Paragon Software)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
ratDVD 0.78.1444 (HKLM-x32\...\ratDVD) (Version: 0.78.1444 - ratDVD)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version: - )
Romme XXL (HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\Romme XXL) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snap.Do Engine (HKU\S-1-5-21-3729097478-2049141933-32761983-1001\...\{45c1fd71-b9a7-4469-8050-e58ffaae7d8b}) (Version: 11.71.1.16545 - ReSoft Ltd.) <==== ATTENTION
Snapform Viewer 1.7.36 (HKLM-x32\...\2841-5017-1617-4151) (Version: 1.7.36 - Ringler Informatik AG)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steuersoft EStPlus NX (HKLM-x32\...\EstPlusNX) (Version: 20101 - Steuersoft GmbH)
Steuersoft Routenplaner (HKLM-x32\...\Steuersoft Routenplaner) (Version: 3.0 - Steuersoft GmbH)
sv.net (HKLM-x32\...\sv.net) (Version: 14.1 - ITSG GmbH)
t@x 2010 Professional (HKLM-x32\...\{1F2899C5-8938-4232-98CC-7A075ECB3172}) (Version: 17.00.6531 - Buhl Data Service GmbH)
t@x 2011 Professional (HKLM-x32\...\{B0414A3B-3AE3-47B8-8FC0-2129781FF425}) (Version: 18.00.6928 - Buhl Data Service GmbH)
t@x 2012 Professional (HKLM-x32\...\{0E806605-5B82-4A4F-BC31-AA4FADA03C42}) (Version: 19.00.7303 - Buhl Data Service GmbH)
t@x 2013 Professional (HKLM-x32\...\{6737F045-A91A-4177-9C8C-59460FC1C84D}) (Version: 20.00.8137 - Buhl Data Service GmbH)
t@x 2014 Professional (HKLM-x32\...\{2547CF96-DBB7-4EDD-9327-0EFDD0D1FA8A}) (Version: 21.00.8480 - Buhl Data Service GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
test und FINANZtest Archiv CD-Rom 2012 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2012) (Version: - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TV IR (HKLM-x32\...\{C1FD1627-2EAF-48CB-A333-42D39BCB096D}) (Version: 2.2 - MEDION)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Voice Pro 12 Premium (HKLM\...\{74FA3C8A-1739-4AE0-B578-0E4E288B6688}) (Version: 12.2.121.2246 - Linguatec Sprachtechnologien GmbH)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
Windows Utils (HKLM-x32\...\Windows Utils) (Version: - )
WISO Mein Geld 2013 Professional (x32 Version: 15.0.0.1 - Buhl Data Service GmbH) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-11-2014 18:03:54 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2012-12-20 20:21 - 00001921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 www.nero.com/rus/support-customer-service-product-registration.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=X&oi=smap&resnum=1&ct=result&cd=6&usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1953862F-63B0-4FC4-8A6E-7DD4D72EE7B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15] (Google Inc.)
Task: {24C09F64-8CAD-4D8F-BE29-F175985C2337} - System32\Tasks\{254D196D-D10B-43BC-B6C9-BF453902ABCB} => C:\Program Files (x86)\BMWi Businessplan\BMWi Businessplan.exe [2014-05-31] ()
Task: {407AD445-D571-4538-B188-309BAD5C0EA0} - System32\Tasks\{3F6F3834-03FC-4E46-B91C-4AE654C09F5C} => C:\Program Files (x86)\BMWi Businessplan\BMWi Businessplan.exe [2014-05-31] ()
Task: {44DD6207-4974-4635-8173-8554B69C9CFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {46E21E00-D774-4E18-ADC9-D07D48A466BA} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {4EBEA34A-6553-46B2-B68D-D784DDE708E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15] (Google Inc.)
Task: {7AEA9302-DFFD-440D-B5D9-D5FEB7FE94FA} - System32\Tasks\{D600B3A4-C1A4-452C-BBF9-ABBFA7473A76} => C:\Program Files (x86)\BMWi Businessplan\BMWi Businessplan.exe [2014-05-31] ()
Task: {8A604584-4AA7-4C27-9573-F3BFACF05379} - \Windows Update Check - 0x1FE004EA No Task File <==== ATTENTION
Task: {B029FC76-F394-4908-83DE-11051AF60C58} - System32\Tasks\{6D3446E7-1B10-41AB-B5AE-D401AB2710DA} => C:\Users\Wolfgang\Downloads\FRITZ!fax_3.07.04.exe [2013-10-23] (AVM Berlin )
Task: {BB336CF2-8711-4E5E-B5B2-688BC087EDFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {BD9BC2A5-F05E-4EBB-8971-D708CCB00674} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CB727A64-2031-4366-9C07-77C73CBF0221} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {E45FDE1B-8201-409A-A05F-840BF8C49710} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-09-05 11:36 - 2012-05-15 10:28 - 00085824 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-03 19:02 - 2013-07-03 19:02 - 00012800 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\iDeskService.exe
2013-12-23 20:16 - 2013-10-30 10:49 - 00126968 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_x64.dll
2013-12-23 20:16 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2013-12-23 20:16 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2013-07-03 19:02 - 2013-07-03 19:02 - 00082432 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\pywintypes24.dll
2013-07-03 19:00 - 2013-07-03 19:00 - 00052224 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\DLLs\zlib.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00029696 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32process.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00016896 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32event.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00037888 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\DLLs\_socket.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00475136 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\DLLs\_ssl.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00064512 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32api.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00017920 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32evtlog.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00027648 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\servicemanager.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00071680 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32file.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00018944 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32pipe.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00086528 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32security.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00036864 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Lib\site-packages\win32\win32service.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00017920 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\persistent.cPersistence.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00011264 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\persistent.TimeStamp.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00017920 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\persistent.cPickleCache.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00023040 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Acquisition._Acquisition.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00017408 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\ExtensionClass._ExtensionClass.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00007680 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\ComputedAttribute._ComputedAttribute.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00024064 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\AccessControl.cAccessControl.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00010240 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Record._Record.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00017408 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\DocumentTemplate.cDocumentTemplate.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00124416 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\DLLs\pyexpat.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00049664 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\BTrees._OOBTree.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00051712 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\BTrees._OIBTree.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00053248 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\BTrees._IOBTree.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00053760 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\BTrees._IIBTree.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00008192 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Persistence._Persistence.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00006656 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\MethodObject._MethodObject.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00008192 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Missing._Missing.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00008704 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\MultiMapping._MultiMapping.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00010240 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\DLLs\select.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00006656 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\ZODB.winlock.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00006144 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Products.ZCTextIndex.stopper.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00007168 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\Products.ZCTextIndex.okascore.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00378368 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\_jpype.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00009728 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\TextIndexNG2\normalizer.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00010240 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\TextIndexNG2\indexsupport.pyd
2014-03-20 15:15 - 2014-03-20 15:15 - 00607232 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\OSR32V10.dll
2014-03-20 15:32 - 2014-03-20 15:32 - 00052224 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\BTrees._fsBTree.pyd
2014-03-20 15:32 - 2014-03-20 15:32 - 00259072 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\M2Crypto.__m2crypto.pyd
2013-07-03 18:57 - 2013-07-03 18:57 - 00148480 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\SSLEAY32.dll
2013-07-03 18:57 - 2013-07-03 18:57 - 00825344 _____ () C:\Program Files (x86)\Haufe\iDesk\iDeskService\Zope\lib\python\LIBEAY32.dll
2013-12-23 20:16 - 2013-10-30 10:49 - 00117752 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_Win32.dll
2013-12-23 20:16 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2013-12-23 20:16 - 2013-12-14 11:09 - 03001152 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2013-10-10 21:05 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2009-02-26 12:46 - 2009-02-26 12:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2013-12-21 07:05 - 2013-12-21 07:05 - 00131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2013-12-21 07:04 - 2013-12-21 07:04 - 03989888 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-12-21 07:05 - 2013-12-21 07:05 - 01446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-06-22 10:46 - 2011-06-22 10:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\sqlite.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^t@x aktuell.lnk => C:\Windows\pss\t@x aktuell.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Wolfgang^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PPort11reminder => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: TVPro Control => C:\Program Files (x86)\TV IR\TV IR.EXE
MSCONFIG\startupreg: TVPro Task => C:\Program Files (x86)\TV IR\shutTask.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-3729097478-2049141933-32761983-500 - Administrator - Disabled)
Gast (S-1-5-21-3729097478-2049141933-32761983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3729097478-2049141933-32761983-1002 - Limited - Enabled)
Wolfgang (S-1-5-21-3729097478-2049141933-32761983-1001 - Administrator - Enabled) => C:\Users\Wolfgang
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2014 06:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/20/2014 05:54:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/20/2014 11:32:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17207, Zeitstempel: 0x53a20c50
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x05ce4b71
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (11/20/2014 10:07:47 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 10:07:47.644]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 10:06:14 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 10:06:14.817]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 10:05:01 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 10:05:01.764]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 10:03:33 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 10:03:33.187]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 08:40:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 08:40:59.427]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 08:39:07 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/11/20 08:39:07.236]: [00004620]: Read S-Key information failed!
Error: (11/20/2014 08:22:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (11/20/2014 06:29:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/20/2014 06:29:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/20/2014 06:29:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/20/2014 06:29:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/20/2014 06:29:52 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/20/2014 06:29:52 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/20/2014 06:29:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/20/2014 06:29:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/20/2014 06:29:42 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/20/2014 06:26:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (11/17/2014 03:57:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8831 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (11/06/2014 09:12:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 48890 seconds with 5940 seconds of active time. This session ended with a crash.
Error: (10/13/2014 07:17:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 39258 seconds with 1440 seconds of active time. This session ended with a crash.
Error: (09/17/2014 08:41:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 44883 seconds with 4500 seconds of active time. This session ended with a crash.
Error: (09/08/2014 07:54:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43718 seconds with 1320 seconds of active time. This session ended with a crash.
Error: (07/28/2014 09:22:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17101 seconds with 1260 seconds of active time. This session ended with a crash.
Error: (07/23/2014 09:06:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 49305 seconds with 4020 seconds of active time. This session ended with a crash.
Error: (06/14/2014 04:19:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (06/14/2014 03:48:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/19/2014 09:50:04 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5776 seconds with 840 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-10-09 19:26:42.556
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:42.514
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:40.467
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:40.426
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:38.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:38.337
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:36.290
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:36.248
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:34.167
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-09 19:26:34.126
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 30%
Total physical RAM: 8125.47 MB
Available physical RAM: 5622.09 MB
Total Pagefile: 16249.12 MB
Available Pagefile: 12210.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:97.37 GB) (Free:4.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:232 GB) NTFS
Drive g: () (Removable) (Total:0.47 GB) (Free:0.28 GB) FAT
Drive h: () (Removable) (Total:14.54 GB) (Free:12.84 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 107.1 GB) (Disk ID: 05C705C7)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=97.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 22A391AF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 480 MB) (Disk ID: 6F20736B)
No partition Table on disk 3.
Disk 3 is a removable device.
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 14.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=0C)
==================== End Of Log ============================
LG
#push
Tut mir leid, dass ich pushe aber das Problem ist echt dringend... |