MultiPlug-FVQ
 

Hallo zusammen,

ich bin nicht mehr der Jüngste (66) und habe eine Frage:
Ich habe McAfee Internet Security auf meinem PC und der hat mich vor: MultiPlug-FVQ
gewarnt.
Was ist das und kann ich das "Ding" zulassen, oder soll ich es isolieren?

Vielen Dank schon mal im Voraus.

Xorrie

:hallo:

Bei dieser Meldung handelt es sich vermutlich um Adware. Z.B. Malware scan of 0594fd5f291.exe ca878341459ad0f4c2b9099a76b83192af4501b7 - herdProtect

Das ist jetzt nichts "schlimmes" aber dennoch "unerwünscht". Also "Blockieren" oder in "Quarantäne" verschieben wählen.

Wenn Du möchtest, dass Dein PC genauer untersucht wird, lasse es mich bitte wissen. ;)

MultiPlug-FVQ
 

Herzlichen Dank für Deine Information und Deine Mühe.
Ich habe MultiPlug-FVQ durch McAfee isolieren lassen.
Wie kann ich den PC genauer untersuchen lassen?

Besten Gruß und nochmals vielen Dank:party:

Xorrie

Nochmals ein Hallo!
Ich habe mal AdwCleaner suchen lassen und das ist dabei, siehe Anhang, heraus gekommen.

C:\Program Files\SereneScreen ist ein Aquarium-Bildschirmschoner.

Mit freundlichen Grüßen

Xorrie

Hi,
da sollten wir schon eine Bereinigung durchziehen.

:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:

• Bitte arbeite alle Schritte der Reihe nach ab.
• Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
• Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
• Bitte kein Crossposting (posten in mehreren Foren).
• Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
• Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
• Poste die Logfiles direkt in Deinen Thread in Code-Tags.
• Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

MultiPlug-FVQ
 

Hallo Jürgen,
vielen Dank schon mal im Voraus.
Ich hoffe, dass ich alles richtig gemacht habe.
Mein Name ist Franz-Xaver, deshalb mein Spitzname "Xorrie" als Benutzername.[CODE][/CO
FRST Logfile:
--- --- ---
[CODE][/COAdditional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2015
Ran by Franz-Xaver at 2015-03-04 19:52:54
Running from C:\Users\Franz-Xaver\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader OCR Engine für ScanWizard (HKLM\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version: - )
Adblock Plus für IE (32-Bit) (HKLM\...\{654F389B-E402-4F7B-BA6D-DA732BB57ACB}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM\...\{91B33C97-D47B-F71A-455D-533CD6C3DC09}_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
CardRecovery 6.10 (HKLM\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery Software)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{71F4FC17-1942-48E6-BC9F-56271AE74755}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kalenderchen 5 (HKLM\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
Lingoes 2.9.2 (HKLM\...\Lingoes Translator_is1) (Version: 2.9.2 - Lingoes Project)
McAfee Internet Security Suite (HKLM\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0 (x86 de) (HKLM\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
MyDriveConnect 3.3.0.1812 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
MyKeyFinder (HKLM\...\MyKeyFinder_is1) (Version: 2014 - Abelssoft)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (Version: 17.0.12 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.12 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SereneScreen Marine Aquarium 2.6 (HKLM\...\SereneScreen Marine Aquarium 2.6_is1) (Version: 2.6 - Prolific Publishing, Inc.)
SereneScreen Marine Aquarium 3 (HKLM\...\SereneScreen Marine Aquarium 3_is1) (Version: 3.0 - Prolific Publishing, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Studie zur Verbesserung von HP Deskjet 1000 J110 series Produkten (HKLM\...\{2F8EFDA0-1160-4484-B575-B24279DED5F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
swix (HKLM\...\{DAE0C545-FEFE-49C5-9474-670051E3CBA9}_is1) (Version: 4.2 - Daniel Reust)
TapinRadio 1.60.1 (HKLM\...\TapinRadio_is1) (Version: - Raimersoft)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points =========================

27-02-2015 14:48:23 McAfee Vulnerability Scanner
27-02-2015 21:03:51 Wiederherstellungsvorgang
27-02-2015 21:38:36 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:40:40 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:41:23 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:42:10 Revo Uninstaller's restore point - Google+ Auto Backup
27-02-2015 22:18:53 Windows Update
27-02-2015 22:43:06 Revo Uninstaller's restore point - RealPlayer Cloud
27-02-2015 22:46:57 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 00:28:44 Wiederherstellungsvorgang
02-03-2015 00:43:39 Revo Uninstaller's restore point - JetDrive
02-03-2015 00:46:03 Revo Uninstaller's restore point - Spybot - Search & Destroy
02-03-2015 00:48:06 Revo Uninstaller's restore point - Spybot - Search & Destroy
02-03-2015 00:51:34 Revo Uninstaller's restore point - CCleaner
02-03-2015 00:54:16 Revo Uninstaller's restore point - Secunia PSI (3.0.0.10004)
02-03-2015 01:01:59 Windows Update
02-03-2015 01:33:37 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 01:37:02 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 08:50:17 Revo Uninstaller's restore point - MyDriveConnect 3.3.0.1756
02-03-2015 08:56:23 Wiederherstellungsvorgang
02-03-2015 09:21:41 Windows Update
02-03-2015 09:37:59 Installed Adblock Plus for IE (32-bit)
02-03-2015 09:51:22 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.0.4.1028
02-03-2015 10:44:57 Alles läuft
02-03-2015 20:05:29 Windows-Sicherung
04-03-2015 17:24:05 Revo Uninstaller's restore point - Google Chrome
04-03-2015 17:37:02 Revo Uninstaller's restore point - JetDrive
04-03-2015 17:40:29 Revo Uninstaller's restore point - Spybot - Search & Destroy
04-03-2015 17:41:41 Revo Uninstaller's restore point - CCleaner
04-03-2015 18:08:31 Revo Uninstaller's restore point - Aquamarin Haushaltsbuch 2.9.2 b
04-03-2015 18:31:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09255380-7327-4480-B91D-89A8CE8B614E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {129A7EEF-6DF8-4824-97C4-AC11E0E8713E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001UA => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {1FCFC5BD-4D7E-4F1D-825E-383D44086EBD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {2DA867B0-7ED8-435D-9F56-0D6C7EF01811} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {2DF7EC4F-8233-4152-9F18-A7920FEB4149} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2E32999F-7743-4104-88C1-2391AA4D8B06} - System32\Tasks\{DC14020A-4F8C-4DC3-B81B-E5AB812FED78} => pcalua.exe -a "C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe" -d C:\Users\Franz-Xaver\Desktop\Icons
Task: {4A475CED-BF82-4518-AFCB-BDE670AA0269} - System32\Tasks\ReclaimerUpdateXML_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {70874997-D9FA-4106-80E3-61D49776BFFB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {72578D24-B841-4D47-81AC-F9E2203EC1C3} - System32\Tasks\RNUpgradeHelperLogonPrompt_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {786CCA5B-3C99-46BB-B0C7-F226211EEBCD} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {79A8BAAD-8F2A-471C-8037-8B117A027613} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {7C054148-0A95-4C45-B19F-99F04C8BFAD0} - System32\Tasks\{7F423AD6-73BE-4378-9935-21303B0F6712} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\irfanview_plugins_438_setup(1).exe -d C:\Users\Franz-Xaver\Downloads
Task: {81ED74FA-89C3-4CE6-8A30-3DF6697DA6DA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {8450E2FE-D8F9-4702-B404-BBC188C6792A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {8C6B1131-6FED-4108-9452-824F3FE6407B} - System32\Tasks\{512A0E43-8380-45B2-A6FB-82AEA58C28F6} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\pantsoff(1).exe -d C:\Users\Franz-Xaver\Downloads
Task: {8DD99137-62A4-4A78-9C62-9C4D76E5419E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {95424444-AFF8-4071-AB94-E025DC863AEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {A69EFA21-4D51-47EA-96CB-5D4C2DE0DDB9} - System32\Tasks\RNUpgradeHelperResumePrompt_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {B4927734-B506-4644-9C29-DDF7A9ADF950} - System32\Tasks\SUSSXGQ => C:\ProgramData\ff8e396d4c654c0eaab0bc98beb6cf02\ff8e396d4c654c0eaab0bc98beb6cf02.exe
Task: {BE59BFB8-0193-444A-B10A-22664AC3F56C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001Core => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {C02A339B-CE32-4786-B54E-9EC9298D845B} - System32\Tasks\JetDrive => C:\Program Files\JetDrive\JetDrive.exe
Task: {C58EFEC2-592A-4741-BDCB-F39AE77F6DF5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ASTERIX-Franz-Xaver ASTERIX => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
Task: {C6421B43-189F-4198-BD5F-916FBBEECA5C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {C712A019-562C-49B3-92C3-15AD7CDA93C2} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {D3C57CB6-2780-4456-B09A-D59B4F1265A5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {DDB7CD3A-8E87-4B77-BD6D-DFEB952F3180} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe
Task: {E7972BC0-177E-4610-905C-F9065ABC892A} - System32\Tasks\ReclaimerUpdateFiles_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {E863073C-BDC4-4468-A728-F0F98A1AB90D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-07-24] (RealNetworks, Inc.)
Task: {EC2413E2-7B15-4D4A-AAA1-51BE04867C03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EED16CA5-DDAA-4323-BD5E-2F9EDF2C30D5} - System32\Tasks\PhotoProduct.exe => C:\Program Files\HP Photo Creations\PhotoProduct.exe [2010-07-01] (Visan / RocketLife)
Task: {F449E389-E5F0-40CC-9C43-13F4538A2339} - System32\Tasks\{D9630860-E8D5-4EB5-AAB3-38A7FF8AA0BC} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\Franz-Xaver\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001Core.job => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001UA.job => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\JetDrive.job => C:\Program Files\JetDrive\JetDrive.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-24 11:47 - 2014-07-24 11:47 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-09-20 16:48 - 2014-09-20 16:48 - 00861784 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll
2014-07-24 14:06 - 2014-07-24 14:06 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-01-12 11:23 - 2012-01-12 11:23 - 00018432 _____ () C:\Users\Franz-Xaver\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2014-10-03 13:04 - 2014-10-03 13:04 - 00026488 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00087416 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00398712 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2015-02-05 17:06 - 2015-02-05 17:06 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Franz-Xaver\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\Windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Franz-Xaver^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OptimizerPro.lnk => C:\Windows\pss\OptimizerPro.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_D2C13C9444C4943518BADCD59958BD86 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Lingoes => C:\Program Files\Lingoes\Translator2\Lingoes.exe -minimize
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot

==================== Accounts: =============================

Administrator (S-1-5-21-1708056501-3709124106-2672143446-500 - Administrator - Disabled)
Franz-Xaver (S-1-5-21-1708056501-3709124106-2672143446-1001 - Administrator - Enabled) => C:\Users\Franz-Xaver
Gast (S-1-5-21-1708056501-3709124106-2672143446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1708056501-3709124106-2672143446-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2015 07:30:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:30:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:29:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 06:38:49 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Scanner Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (03/04/2015 06:42:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:17:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:13:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:10:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎03.‎2015 um 01:16:08 unerwartet heruntergefahren.

Error: (03/04/2015 00:42:20 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:56 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:51 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:51 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:16:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehRecvr erreicht.

Error: (03/04/2015 00:15:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehRecvr erreicht.


Microsoft Office Sessions:
=========================
Error: (03/04/2015 07:30:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files\tapinradio\CrashReport.exe

Error: (03/04/2015 07:30:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\AMD\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (03/04/2015 07:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1000 J110 series\DriverStore\Pipeline\amd64\hpinkins8811.exe

Error: (03/04/2015 07:29:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{7722483A-5FB8-4A2E-9422-6DA527A9173F}\recordingmanager.exe

Error: (03/04/2015 06:38:49 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Scanner Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 50%
Total physical RAM: 3071.3 MB
Available physical RAM: 1521.16 MB
Total Pagefile: 6440.9 MB
Available Pagefile: 4598.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1869.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:471.91 GB) (Free:416.22 GB) NTFS
Drive h: (Volume) (Fixed) (Total:459.5 GB) (Free:457.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 009CCE01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=459.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================DE]DE]

Hi Xorrie,
mach mal bitte folgenden Fix:


Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

• Starte FRST und drücke auf den Fix-Button.
• Das Tool erstellt eine "Fixlog.txt" -Datei.
• Poste mir bitte deren Inhalt.

Nach dem Reboot:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Hallo Jürgen,
wenn ich den Fix-Button anklicke erscheint:
No fixlist.txt found.
The fixlist.txt should be in the same folder/directory the tool is located.

Speichere die Fixlist auch hier:

[COAdditional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2015
Ran by Franz-Xaver at 2015-03-04 22:33:03
Running from C:\Users\Franz-Xaver\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader OCR Engine für ScanWizard (HKLM\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version: - )
Adblock Plus für IE (32-Bit) (HKLM\...\{654F389B-E402-4F7B-BA6D-DA732BB57ACB}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM\...\{91B33C97-D47B-F71A-455D-533CD6C3DC09}_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
CardRecovery 6.10 (HKLM\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery Software)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{71F4FC17-1942-48E6-BC9F-56271AE74755}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kalenderchen 5 (HKLM\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
Lingoes 2.9.2 (HKLM\...\Lingoes Translator_is1) (Version: 2.9.2 - Lingoes Project)
McAfee Internet Security Suite (HKLM\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0 (x86 de) (HKLM\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
MyDriveConnect 3.3.0.1812 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
MyKeyFinder (HKLM\...\MyKeyFinder_is1) (Version: 2014 - Abelssoft)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (Version: 17.0.12 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.12 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SereneScreen Marine Aquarium 2.6 (HKLM\...\SereneScreen Marine Aquarium 2.6_is1) (Version: 2.6 - Prolific Publishing, Inc.)
SereneScreen Marine Aquarium 3 (HKLM\...\SereneScreen Marine Aquarium 3_is1) (Version: 3.0 - Prolific Publishing, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Studie zur Verbesserung von HP Deskjet 1000 J110 series Produkten (HKLM\...\{2F8EFDA0-1160-4484-B575-B24279DED5F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
swix (HKLM\...\{DAE0C545-FEFE-49C5-9474-670051E3CBA9}_is1) (Version: 4.2 - Daniel Reust)
TapinRadio 1.60.1 (HKLM\...\TapinRadio_is1) (Version: - Raimersoft)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1708056501-3709124106-2672143446-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Franz-Xaver\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points =========================

27-02-2015 14:48:23 McAfee Vulnerability Scanner
27-02-2015 21:03:51 Wiederherstellungsvorgang
27-02-2015 21:38:36 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:40:40 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:41:23 Revo Uninstaller's restore point - Google Chrome
27-02-2015 21:42:10 Revo Uninstaller's restore point - Google+ Auto Backup
27-02-2015 22:18:53 Windows Update
27-02-2015 22:43:06 Revo Uninstaller's restore point - RealPlayer Cloud
27-02-2015 22:46:57 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 00:28:44 Wiederherstellungsvorgang
02-03-2015 00:43:39 Revo Uninstaller's restore point - JetDrive
02-03-2015 00:46:03 Revo Uninstaller's restore point - Spybot - Search & Destroy
02-03-2015 00:48:06 Revo Uninstaller's restore point - Spybot - Search & Destroy
02-03-2015 00:51:34 Revo Uninstaller's restore point - CCleaner
02-03-2015 00:54:16 Revo Uninstaller's restore point - Secunia PSI (3.0.0.10004)
02-03-2015 01:01:59 Windows Update
02-03-2015 01:33:37 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 01:37:02 Revo Uninstaller's restore point - RealPlayer Cloud
02-03-2015 08:50:17 Revo Uninstaller's restore point - MyDriveConnect 3.3.0.1756
02-03-2015 08:56:23 Wiederherstellungsvorgang
02-03-2015 09:21:41 Windows Update
02-03-2015 09:37:59 Installed Adblock Plus for IE (32-bit)
02-03-2015 09:51:22 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.0.4.1028
02-03-2015 10:44:57 Alles läuft
02-03-2015 20:05:29 Windows-Sicherung
04-03-2015 17:24:05 Revo Uninstaller's restore point - Google Chrome
04-03-2015 17:37:02 Revo Uninstaller's restore point - JetDrive
04-03-2015 17:40:29 Revo Uninstaller's restore point - Spybot - Search & Destroy
04-03-2015 17:41:41 Revo Uninstaller's restore point - CCleaner
04-03-2015 18:08:31 Revo Uninstaller's restore point - Aquamarin Haushaltsbuch 2.9.2 b
04-03-2015 18:31:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09255380-7327-4480-B91D-89A8CE8B614E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {129A7EEF-6DF8-4824-97C4-AC11E0E8713E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001UA => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {1FCFC5BD-4D7E-4F1D-825E-383D44086EBD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {2DA867B0-7ED8-435D-9F56-0D6C7EF01811} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {2DF7EC4F-8233-4152-9F18-A7920FEB4149} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2E32999F-7743-4104-88C1-2391AA4D8B06} - System32\Tasks\{DC14020A-4F8C-4DC3-B81B-E5AB812FED78} => pcalua.exe -a "C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe" -d C:\Users\Franz-Xaver\Desktop\Icons
Task: {4A475CED-BF82-4518-AFCB-BDE670AA0269} - System32\Tasks\ReclaimerUpdateXML_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {70874997-D9FA-4106-80E3-61D49776BFFB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {72578D24-B841-4D47-81AC-F9E2203EC1C3} - System32\Tasks\RNUpgradeHelperLogonPrompt_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {786CCA5B-3C99-46BB-B0C7-F226211EEBCD} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {79A8BAAD-8F2A-471C-8037-8B117A027613} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {7C054148-0A95-4C45-B19F-99F04C8BFAD0} - System32\Tasks\{7F423AD6-73BE-4378-9935-21303B0F6712} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\irfanview_plugins_438_setup(1).exe -d C:\Users\Franz-Xaver\Downloads
Task: {81ED74FA-89C3-4CE6-8A30-3DF6697DA6DA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {8450E2FE-D8F9-4702-B404-BBC188C6792A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {8C6B1131-6FED-4108-9452-824F3FE6407B} - System32\Tasks\{512A0E43-8380-45B2-A6FB-82AEA58C28F6} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\pantsoff(1).exe -d C:\Users\Franz-Xaver\Downloads
Task: {8DD99137-62A4-4A78-9C62-9C4D76E5419E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {95424444-AFF8-4071-AB94-E025DC863AEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {A69EFA21-4D51-47EA-96CB-5D4C2DE0DDB9} - System32\Tasks\RNUpgradeHelperResumePrompt_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {B4927734-B506-4644-9C29-DDF7A9ADF950} - System32\Tasks\SUSSXGQ => C:\ProgramData\ff8e396d4c654c0eaab0bc98beb6cf02\ff8e396d4c654c0eaab0bc98beb6cf02.exe
Task: {BE59BFB8-0193-444A-B10A-22664AC3F56C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001Core => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {C02A339B-CE32-4786-B54E-9EC9298D845B} - System32\Tasks\JetDrive => C:\Program Files\JetDrive\JetDrive.exe
Task: {C58EFEC2-592A-4741-BDCB-F39AE77F6DF5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ASTERIX-Franz-Xaver ASTERIX => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
Task: {C6421B43-189F-4198-BD5F-916FBBEECA5C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {C712A019-562C-49B3-92C3-15AD7CDA93C2} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {D3C57CB6-2780-4456-B09A-D59B4F1265A5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-24] (RealNetworks, Inc.)
Task: {DDB7CD3A-8E87-4B77-BD6D-DFEB952F3180} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe
Task: {E7972BC0-177E-4610-905C-F9065ABC892A} - System32\Tasks\ReclaimerUpdateFiles_Franz-Xaver => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe [2015-02-08] (RealNetworks, Inc.)
Task: {E863073C-BDC4-4468-A728-F0F98A1AB90D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1708056501-3709124106-2672143446-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-07-24] (RealNetworks, Inc.)
Task: {EC2413E2-7B15-4D4A-AAA1-51BE04867C03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EED16CA5-DDAA-4323-BD5E-2F9EDF2C30D5} - System32\Tasks\PhotoProduct.exe => C:\Program Files\HP Photo Creations\PhotoProduct.exe [2010-07-01] (Visan / RocketLife)
Task: {F449E389-E5F0-40CC-9C43-13F4538A2339} - System32\Tasks\{D9630860-E8D5-4EB5-AAB3-38A7FF8AA0BC} => pcalua.exe -a C:\Users\Franz-Xaver\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\Franz-Xaver\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001Core.job => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708056501-3709124106-2672143446-1001UA.job => C:\Users\Franz-Xaver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\JetDrive.job => C:\Program Files\JetDrive\JetDrive.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Franz-Xaver.job => C:\Users\Franz-Xaver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.04\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-24 11:47 - 2014-07-24 11:47 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-09-20 16:48 - 2014-09-20 16:48 - 00861784 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll
2014-07-24 14:06 - 2014-07-24 14:06 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-01-12 11:23 - 2012-01-12 11:23 - 00018432 _____ () C:\Users\Franz-Xaver\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2014-10-03 13:04 - 2014-10-03 13:04 - 00026488 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00087416 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00398712 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2015-02-05 17:06 - 2015-02-05 17:06 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1708056501-3709124106-2672143446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Franz-Xaver\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\Windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Franz-Xaver^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OptimizerPro.lnk => C:\Windows\pss\OptimizerPro.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_D2C13C9444C4943518BADCD59958BD86 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Lingoes => C:\Program Files\Lingoes\Translator2\Lingoes.exe -minimize
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot

==================== Accounts: =============================

Administrator (S-1-5-21-1708056501-3709124106-2672143446-500 - Administrator - Disabled)
Franz-Xaver (S-1-5-21-1708056501-3709124106-2672143446-1001 - Administrator - Enabled) => C:\Users\Franz-Xaver
Gast (S-1-5-21-1708056501-3709124106-2672143446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1708056501-3709124106-2672143446-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2015 07:30:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:30:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 07:29:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/04/2015 06:38:49 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Scanner Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (03/04/2015 06:42:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:17:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:13:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126

Error: (03/04/2015 05:10:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎03.‎2015 um 01:16:08 unerwartet heruntergefahren.

Error: (03/04/2015 00:42:20 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:56 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:51 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:41:51 AM) (Source: DCOM) (EventID: 10016) (User: ASTERIX)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}ASTERIXFranz-XaverS-1-5-21-1708056501-3709124106-2672143446-1001LocalHost (unter Verwendung von LRPC)

Error: (03/04/2015 00:16:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehRecvr erreicht.

Error: (03/04/2015 00:15:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehRecvr erreicht.


Microsoft Office Sessions:
=========================
Error: (03/04/2015 07:30:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files\tapinradio\CrashReport.exe

Error: (03/04/2015 07:30:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\AMD\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (03/04/2015 07:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1000 J110 series\DriverStore\Pipeline\amd64\hpinkins8811.exe

Error: (03/04/2015 07:29:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{7722483A-5FB8-4A2E-9422-6DA527A9173F}\recordingmanager.exe

Error: (03/04/2015 06:38:49 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Scanner Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Security Center Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/04/2015 06:08:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Spybot-S&D 2 Updating Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 53%
Total physical RAM: 3071.3 MB
Available physical RAM: 1421.71 MB
Total Pagefile: 6440.9 MB
Available Pagefile: 4445.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:471.91 GB) (Free:414.89 GB) NTFS
Drive h: (Volume) (Fixed) (Total:459.5 GB) (Free:457.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 009CCE01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=459.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Bist Du sicher dass Du auch den Fix ausgeführt hast?

Nochmal: Bitte lade die angehängte Datei ins Downloadsverzeichnis. Starte FRST, drücke den FIX Button. Warte bis der Fix durchgelaufen ist, starte den PC neu. Poste das Fixlog.txt (auch im Downloadverzeichnis) und dann wiederhole den Scan und poste die beiden Logs.

Ich habe FRST gestartet, Fix angeklickt und es tut sich nichts, es erscheint nur:

No fixlist.txt found.

The fixlist.txt should be in the same folder/directory the tool is located.

Die FRST.exe liegt hier:

Dort muss auch die Fixlist.txt gespeichert werden damit der Fix funktioniert.

Nicht ohne Grund weisen wir die User an, alles auf den Desktop zu speichern... ;)

Ich hoffe, dass das richtig ist.?

[COD
FRST Logfile:
--- --- ---
E][/CODE]

Hast Du auf den Fix-Button geklickt? Wo ist das Fixlog....:)