StoneCraX | 30.01.2015 12:47 | Hello
and thanks again for your help.
I have now deleted everything so far: the programs you named and also everything else, such as toolbars etc., that seemed unimportant to me.
Hopefully I caught everything.
Here are the new log files:
Thanks,
Stonecrax
FRST logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01
Ran by Vroni (administrator) on VAIO_NOTEBOOK on 30-01-2015 12:43:52
Running from C:\Users\Vroni\Desktop
Loaded Profiles: Vroni (Available profiles: Vroni)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(globalUpdate) C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\FastPlayer\FPUpdaterService.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Vroni\AppData\Local\Temp\Shuka\UACGetter.exe
() C:\Program Files\FastPlayer\WebBrowser.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
() C:\Users\Vroni\AppData\Local\RGMService\RGMLoader.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [mbot_de_154] => [X]
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [Google Update] => C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-21] (Google Inc.)
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [GoogleChromeAutoLaunch_45191224BF4F697402CEEF6853EA9D19] => C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Run: [cmd] => C:\Users\Vroni\AppData\Local\Temp\Shuka\PackerV2.exe [5113856 2014-12-08] (Packer Framework) <===== ATTENTION
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\MountPoints2: {254fc985-3669-11e3-ad42-806e6f6e6963} - D:\shelexec.exe .\starter.html
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserFastPlayer.lnk
ShortcutTarget: WebBrowserFastPlayer.lnk -> C:\Program Files\FastPlayer\WebBrowser.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGps3182xY2a1NdTJWekBtEYhW4L2qQ_8uef-WJUDiBt68mbtqS04HHB5wy09kVgkaCL8i31x6z8d0DrpySaetdI4nIk144svg,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-zQISKvGtvH6WDh1A8w,,&q={searchTerms}
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-zQISKvGtvH6WDh1A8w,,&q={searchTerms}
HKU\S-1-5-21-533857234-3230724435-3058745666-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-yiuYODb1ojD3SUhUDA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-CcWC99o5zUNfNlf4Ib2BHaH8eYHjEiX70IAy0PSrfM8JuMf98pBrQ8PkLo6ogGpgdtOmcO_BuJvfqdPfXf8swYrhWdYSjMCjI448myNuMf7xIixs33RRms5b1j5hxqeEPKfKQU2WvF7-zQISKvGtvH6WDh1A8w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504&q={searchTerms}
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-533857234-3230724435-3058745666-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.121.128.10 212.121.128.11
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504
FireFox:
========
FF ProfilePath: C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default
FF DefaultSearchEngine: mystartsearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=
FF SelectedSearchEngine: Trovi search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-533857234-3230724435-3058745666-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-533857234-3230724435-3058745666-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\user.js
FF SearchPlugin: C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: Radio Canyon - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [2014-10-14]
FF Extension: videos_MediaPlayers_v1.1 - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [2014-10-14]
FF Extension: Fast Start - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\faststartff@gmail.com [2014-10-14]
FF Extension: remotexulmanagerxulforgecom - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\remotexulmanager@xulforge.com [2014-10-24]
FF Extension: WEB.DE MailCheck - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\Extensions\toolbar@web.de.xpi [2014-09-20]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-09-20]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Vroni\AppData\Roaming\Mozilla\Firefox\Profiles\z06qvz7y.default\extensions\faststartff@gmail.com
FF Extension: No Name - C:\Program Files\ver5SpeedChecker\180.xpi [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV=", "chrome://newtab/?source=home", "hxxp://www.mystartsearch.com/?type=hp&ts=1413317456&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0XZNEAC706504", "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=55&CUI=&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M64CF35CC-251B-472E-BF7E-3A2B61099B12&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SP97E46BA3-2AAB-4E25-8EFD-3CC3FF5DDF3C&SAT=CNTS
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (almhciamckkbjlmapgjalcpciigohefi) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\almhciamckkbjlmapgjalcpciigohefi [2014-10-25]
CHR Extension: (Google Docs) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-21]
CHR Extension: (Google Drive) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-21]
CHR Extension: (Google-Suche) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-21]
CHR Extension: (Blöcke Deluxe) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeikjapgbmncgiaijjfondlfflajnlb [2014-06-21]
CHR Extension: (CHIP Online) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2014-06-21]
CHR Extension: (The QR Code Generator) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-06-21]
CHR Extension: (AdBlock) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-21]
CHR Extension: (Dropbox) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-06-21]
CHR Extension: (View Plug-ins) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh [2014-10-24]
CHR Extension: (Google Wallet) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Google Mail) - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-21]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx [2014-10-14]
StartMenuInternet: Google Chrome.BFEL4LOH3ZTRW2USQVE3O2GWV4 - C:\Users\Vroni\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 FastPlayerUpdaterService; C:\Program Files\FastPlayer\FPUpdaterService.exe [382464 2015-01-22] () [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-14] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-14] (globalUpdate) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 RGMUpdater; C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [202112 2005-10-18] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [998656 2005-10-18] (Conexant Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 Mvc25U870_VID_1262&PID_25FD; C:\Windows\System32\Drivers\Mvc25U870.sys [55680 2005-12-29] (Micro Vision Co.,Ltd)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1076472 2005-11-17] (SigmaTel, Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [217472 2005-10-04] (Texas Instruments)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [3712 2005-07-11] (TOSHIBA Corporation.) [File not signed]
R3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [46592 2005-09-16] (TOSHIBA Corporation) [File not signed]
S3 Tosrfbd; C:\Windows\System32\Drivers\tosrfbd.sys [108672 2005-10-07] (TOSHIBA CORPORATION) [File not signed]
S3 Tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2005-09-15] (TOSHIBA Corporation) [File not signed]
R1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [62848 2005-10-07] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\TosRfSnd.sys [52864 2005-11-11] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\Drivers\tosrfusb.sys [36736 2005-11-15] (TOSHIBA CORPORATION) [File not signed]
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [587176 2012-11-13] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [551208 2012-11-13] (eMPIA Technology, Inc.)
R1 {6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw; C:\Windows\System32\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw.sys [43152 2014-10-18] (StdLib)
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x86\Sandra.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-30 12:29 - 2015-01-30 12:33 - 00001118 _____ () C:\Users\Vroni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-30 12:18 - 2015-01-30 12:18 - 00000000 ____D () C:\adobeTemp
2015-01-30 11:09 - 2015-01-30 11:10 - 00040420 _____ () C:\Users\Vroni\Desktop\Addition.txt
2015-01-30 11:08 - 2015-01-30 12:44 - 00022489 _____ () C:\Users\Vroni\Desktop\FRST.txt
2015-01-30 11:08 - 2015-01-30 12:43 - 00000000 ____D () C:\FRST
2015-01-30 11:06 - 2015-01-30 11:00 - 02130432 _____ (Farbar) C:\Users\Vroni\Desktop\FRST64.exe
2015-01-30 11:06 - 2015-01-30 11:00 - 01121792 _____ (Farbar) C:\Users\Vroni\Desktop\FRST.exe
2015-01-02 15:34 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-30 12:42 - 2013-10-16 15:18 - 01252446 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 12:40 - 2014-12-11 13:15 - 00000000 ____D () C:\Users\Vroni\AppData\Local\RGMService
2015-01-30 12:39 - 2014-10-14 21:11 - 00000886 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-30 12:39 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 12:39 - 2009-07-14 05:39 - 00045414 _____ () C:\Windows\setupact.log
2015-01-30 12:39 - 2009-07-14 05:34 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 12:39 - 2009-07-14 05:34 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 12:34 - 2013-10-17 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 12:33 - 2014-10-14 21:05 - 00002056 _____ () C:\Users\Vroni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-30 12:33 - 2014-10-14 21:05 - 00001994 _____ () C:\Users\Vroni\Desktop\Search.lnk
2015-01-30 12:33 - 2013-10-17 08:52 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-30 12:33 - 2013-10-17 08:52 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-30 12:33 - 2013-10-16 15:18 - 00001409 _____ () C:\Users\Vroni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-30 12:28 - 2010-11-20 22:01 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 12:23 - 2014-10-25 09:55 - 00000000 ____D () C:\ProgramData\Norton
2015-01-30 12:23 - 2013-10-17 08:24 - 00058824 _____ () C:\Users\Vroni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-30 12:23 - 2010-11-20 22:48 - 00696924 _____ () C:\Windows\PFRO.log
2015-01-30 12:23 - 2009-07-14 05:33 - 03770680 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-30 12:21 - 2013-10-18 14:50 - 00000000 ____D () C:\Program Files\Adobe
2015-01-30 12:20 - 2013-10-18 14:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 12:20 - 2013-10-18 14:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-30 12:16 - 2013-10-16 15:18 - 00000000 ____D () C:\Users\Vroni
2015-01-30 11:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-30 11:07 - 2013-10-17 10:28 - 00000000 ____D () C:\Users\Vroni\AppData\Local\Adobe
2015-01-30 10:57 - 2014-09-20 16:44 - 00000000 ____D () C:\Users\Vroni\AppData\Roaming\Skype
2015-01-29 14:02 - 2014-12-11 13:13 - 00001779 _____ () C:\Users\Vroni\Desktop\FastPlayer.lnk
2015-01-29 14:02 - 2014-10-14 21:10 - 00000000 ____D () C:\Program Files\FastPlayer
2015-01-02 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-02 15:33 - 2013-10-17 08:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-02 15:28 - 2013-10-17 08:28 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-10-14 21:14 - 2014-10-14 21:14 - 1484176 _____ (enter) C:\Users\Vroni\AppData\Roaming\RKJ.exe
2014-10-14 21:13 - 2014-10-14 21:13 - 1971088 _____ (enter) C:\Users\Vroni\AppData\Roaming\SLOBCEOV.exe
2014-07-19 17:43 - 2014-07-19 17:44 - 0001456 _____ () C:\Users\Vroni\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-08-05 10:49 - 2014-08-05 10:49 - 0007605 _____ () C:\Users\Vroni\AppData\Local\Resmon.ResmonCfg
Files to move or delete:
====================
C:\Users\Vroni\AppData\Local\Temp\Shuka\PackerV2.exe
Some content of TEMP:
====================
C:\Users\Vroni\AppData\Local\Temp\asrla0gc.dll
C:\Users\Vroni\AppData\Local\Temp\CLmt3.exe
C:\Users\Vroni\AppData\Local\Temp\cu7dz7vs.dll
C:\Users\Vroni\AppData\Local\Temp\d8ry5sp4.dll
C:\Users\Vroni\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Vroni\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Vroni\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Vroni\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Vroni\AppData\Local\Temp\jyjben87.dll
C:\Users\Vroni\AppData\Local\Temp\KUIU.EXE
C:\Users\Vroni\AppData\Local\Temp\mjakizdc.dll
C:\Users\Vroni\AppData\Local\Temp\optprosetup.exe
C:\Users\Vroni\AppData\Local\Temp\rlrkfmt9.dll
C:\Users\Vroni\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Vroni\AppData\Local\Temp\setup_337.exe
C:\Users\Vroni\AppData\Local\Temp\sytcuyo8.dll
C:\Users\Vroni\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Vroni\AppData\Local\Temp\zVHI6.dll
C:\Users\Vroni\AppData\Local\Temp\zVHI6.exe
C:\Users\Vroni\AppData\Local\Temp\~dl51A0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-27 10:45
==================== End Of Log ============================
Addition logfile:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-01-2015 01
Ran by Vroni at 2015-01-30 12:44:22
Running from C:\Users\Vroni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtRage 4 Demo (HKLM\...\ArtRage 4 Demo 4.0.4.0) (Version: 4.0.4.0 - Ambient Design)
ArtRage 4 Demo (Version: 4.0.4.0 - Ambient Design) Hidden
bl (Version: 1.0.0 - Your Company Name) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.20(SO) - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
FastPlayer (HKLM\...\FastPlayer) (Version: v1.0.0.6 - SoftForce LLC) <==== ATTENTION
Google Chrome (HKU\S-1-5-21-533857234-3230724435-3058745666-1000\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - )
ph (Version: 1.0.0 - Your Company Name) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4511.0 - SigmaTel)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
TERRATEC Cinergy Hybrid T USB XS FM (32 Bit) (HKLM\...\{271D6941-5F6C-4258-AD43-23839D46DC00}) (Version: 5.09.1202.00 - TERRATEC)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows-Treiberpaket - TerraTec (USB28xxBGA) Media (12/02/2009 5.09.1202.00) (HKLM\...\BB2E2D0714CC6BBEFC9CD54767EBB829C39EADEB) (Version: 12/02/2009 5.09.1202.00 - TerraTec )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-533857234-3230724435-3058745666-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Vroni\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
==================== Restore Points =========================
14-10-2014 21:11:52 Uniblue SpeedUpMyPC installation
14-10-2014 21:53:23 Windows Update
18-10-2014 16:00:39 Windows Update
24-10-2014 21:02:12 Windows Update
27-10-2014 22:35:55 Windows Update
03-11-2014 21:41:44 Windows Update
19-11-2014 21:35:31 Windows Update
19-11-2014 22:43:43 Windows Update
11-12-2014 13:18:05 Windows Update
02-01-2015 15:28:01 Windows Update
30-01-2015 12:10:15 TuneUp Utilities 2014 wird entfernt
30-01-2015 12:11:20 TuneUp Utilities 2014 (de-DE) wird entfernt
30-01-2015 12:20:53 Removed Adobe Widget Browser
30-01-2015 12:21:07 Removed Adobe Help Manager
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2013-10-18 15:14 - 00000889 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {24A81D2E-DED1-40E6-9B84-A68F0A531872} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-14] (globalUpdate) <==== ATTENTION
Task: {5FD6F9A4-36BD-47CC-98AD-0BBCFBEDAD89} - System32\Tasks\{30A31F06-EBED-40F7-A45F-CA73290DA860} => pcalua.exe -a C:\Users\Vroni\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=tugs
Task: {A89E4C46-91F4-4E40-A223-747A7FDC39FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B437AB69-C2A7-4EF9-9F66-BD2C7A76F443} - System32\Tasks\{F2F7615B-BBF4-44EB-870F-C631BF87AC03} => pcalua.exe -a C:\Users\Vroni\Downloads\SP32899\setup.exe -d C:\Users\Vroni\Downloads\SP32899
Task: {D26CBCDB-F271-4609-AC5B-70208743AEE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {D6E6E73D-3FC8-433C-ADD8-6F0DF62361FF} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2004-07-20 16:04 - 2004-07-20 16:04 - 00094208 _____ () C:\Windows\System32\TosBtHcrpAPI.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-22 11:49 - 2015-01-22 11:49 - 00382464 _____ () C:\Program Files\FastPlayer\FPUpdaterService.exe
2013-10-17 10:21 - 2005-11-10 13:48 - 00094208 _____ () C:\Windows\system32\Mv25U870Prp.ax
2014-12-09 09:28 - 2014-12-09 09:28 - 00192512 _____ () C:\Users\Vroni\AppData\Local\Temp\Shuka\UACGetter.exe
2015-01-21 16:54 - 2015-01-21 16:54 - 00134656 _____ () C:\Program Files\FastPlayer\WebBrowser.exe
2005-07-22 20:30 - 2005-07-22 20:30 - 00065536 _____ () C:\Windows\system32\TosCommAPI.dll
2014-10-27 16:04 - 2014-10-27 16:04 - 00028160 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMUpdater.exe
2014-10-27 23:19 - 2014-10-22 05:04 - 08910664 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 23:19 - 2014-10-22 05:04 - 01681224 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 00974848 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMLoader.exe
2014-12-01 17:01 - 2014-12-01 17:01 - 01686016 _____ () C:\Users\Vroni\AppData\Local\RGMService\RGMHost.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 02745856 _____ () C:\Users\Vroni\AppData\Local\RGMService\MonetizationToolsManager.dll
2014-12-01 17:02 - 2014-12-01 17:02 - 01592832 _____ () C:\Users\Vroni\AppData\Local\RGMService\ProtectorsManager.dll
2014-06-21 06:47 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-06-21 06:47 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Vroni\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-533857234-3230724435-3058745666-500 - Administrator - Disabled)
Gast (S-1-5-21-533857234-3230724435-3058745666-501 - Limited - Disabled)
Vroni (S-1-5-21-533857234-3230724435-3058745666-1000 - Administrator - Enabled) => C:\Users\Vroni
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2015 00:42:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/30/2015 00:41:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:37:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:31:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Vaio_Notebook)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.
Error: (01/30/2015 00:24:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/30/2015 00:20:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (01/30/2015 00:40:11 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 113.40.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:40:11 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:40:11 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:40:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:36:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 113.40.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:36:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:36:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:36:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:33:44 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 113.40.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/30/2015 00:33:44 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.189.1901.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.6.0305.00
Quellpfad: 4.6.0305.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Microsoft Office Sessions:
=========================
Error: (01/30/2015 00:42:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Vroni\AppData\Local\Temp\Shuka\64.exe
Error: (01/30/2015 00:41:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:37:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:31:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Vaio_Notebook)
Description: 1C:\Program Files\LPT\linmsl.exelinmsl0511751200
Error: (01/30/2015 00:24:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/30/2015 00:21:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/30/2015 00:20:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
==================== Memory info ===========================
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz
Percentage of memory in use: 47%
Total physical RAM: 3070.05 MB
Available physical RAM: 1608.45 MB
Total Pagefile: 6138.4 MB
Available Pagefile: 4645.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.55 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.37 GB) (Free:199.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 162EBCA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================