Marvel333 | 05.05.2015 18:15 | log von ESET Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=99ef06235290b14fa4b095ab1c5ddd1b
# engine=23702
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-05 02:53:40
# local_time=2015-05-05 04:53:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 22678 268370348 0 0
# scanned=208521
# found=1
# cleaned=0
# scan_time=7686
sh=1658A2A3C75D44161B2D1A185447A88D7F656E37 ft=1 fh=67c324132214aaee vn="MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir" Code:
Results of screen317's Security Check version 1.001
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java(TM) 6 Update 4
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader 10.1.13 Adobe Reader out of Date!
Mozilla Firefox (37.0.2)
Mozilla Thunderbird (31.6.0)
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.90) ````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
Results of screen317's Security Check version 1.001
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java(TM) 6 Update 4
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader 10.1.13 Adobe Reader out of Date!
Mozilla Firefox (37.0.2)
Mozilla Thunderbird (31.6.0)
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.90) ````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
Ran by Marvin (administrator) on MARVIN-PC on 05-05-2015 19:03:57
Running from C:\Users\Marvin\Downloads
Loaded Profiles: Marvin (Available profiles: Marvin)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\ProgramData\MobileBrServ\mbbService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
(Creative Technology Ltd.) C:\Windows\V0420Mon.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(DT Soft Ltd.) C:\Program Files\DAEMON Tools\daemon.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\SZDrvMon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Farbar) C:\Users\Marvin\Downloads\FRST(3).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [144784 2007-12-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [C:\Windows\system32\V0420Cvw.dll] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0420Cvw.dll
HKLM\...\Run: [V0420Mon.exe] => C:\Windows\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\...\Run: [DAEMON Tools] => C:\Program Files\DAEMON Tools\daemon.exe [171464 2007-09-18] (DT Soft Ltd.)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\...\Run: [Samsung Drive Manager] => C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe [5797496 2011-05-26] (Clarus, Inc.)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2008-01-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2012-12-28]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk [2008-09-28]
ShortcutTarget: OpenOffice.org 2.4.lnk -> C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003 -> {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL =
SearchScopes: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14] (Sun Microsystems, Inc.)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
BHO: Windows Live Toolbar Helper -> {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -> C:\Program Files\Windows Live Toolbar\msntb.dll No File
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll No File
Toolbar: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003 -> Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\searchplugins\heinzelnisse.xml [2009-11-20]
FF SearchPlugin: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\searchplugins\web-search-powered-by-google.xml [2014-09-02]
FF SearchPlugin: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\searchplugins\youtube-videosuche.xml [2010-10-13]
FF Extension: Ebank2 Plugin - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\Extensions\npebank2@kh.hu [2013-03-08]
FF Extension: ProxTube - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-08-03]
FF Extension: LEO Search - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\wezz5qey.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi [2012-10-23]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-08]
Chrome:
=======
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-09-19]
CHR HKLM\...\Chrome\Extension: [${CHROME_KEY}] - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 SZDrvSvc; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2011-05-26] (Clarus, Inc.) [File not signed]
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-07-11] (SAMSUNG ELECTRONICS CO., LTD.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 mdf16; C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [18288 2011-03-11] ()
R3 mvd23; C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [90944 2011-05-19] ()
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2010-03-27] () [File not signed]
S3 V0420VID; C:\Windows\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.)
U3 asiqry5l; C:\Windows\system32\Drivers\asiqry5l.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\Users\Marvin\AppData\Local\Temp\catchme.sys [X]
S3 dsNcAdpt; system32\DRIVERS\dsNcAdpt.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-05 19:03 - 2015-05-05 19:03 - 01140736 _____ (Farbar) C:\Users\Marvin\Downloads\FRST(3).exe
2015-05-05 19:01 - 2015-05-05 19:03 - 00001253 _____ () C:\Users\Marvin\Desktop\checkup.txt
2015-05-05 18:21 - 2015-05-05 18:21 - 00852630 _____ () C:\Users\Marvin\Downloads\SecurityCheck.exe
2015-05-05 14:40 - 2015-05-05 14:40 - 02347384 _____ (ESET) C:\Users\Marvin\Downloads\esetsmartinstaller_deu.exe
2015-05-04 17:33 - 2015-05-04 17:33 - 00050925 _____ () C:\Users\Marvin\Desktop\Addition2.txt
2015-05-04 17:26 - 2015-05-04 17:26 - 00023567 _____ () C:\Users\Marvin\Desktop\FRST2.txt
2015-05-04 17:21 - 2015-05-04 17:21 - 01140736 _____ (Farbar) C:\Users\Marvin\Downloads\FRST(2).exe
2015-05-04 17:15 - 2015-05-04 17:15 - 00002064 _____ () C:\Users\Marvin\Desktop\JRT.txt
2015-05-04 17:11 - 2015-05-04 17:11 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARVIN-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-05-04 17:10 - 2015-05-04 17:10 - 00000000 ____D () C:\RegBackup
2015-05-04 17:09 - 2015-05-04 17:10 - 02716306 _____ (Thisisu) C:\Users\Marvin\Downloads\JRT.exe
2015-05-04 16:57 - 2015-05-04 16:57 - 00016967 _____ () C:\Users\Marvin\Desktop\AdwCleaner[S0].txt
2015-05-04 15:21 - 2015-05-04 15:23 - 02204160 _____ () C:\Users\Marvin\Desktop\AdwCleaner_4.203(1).exe
2015-05-04 15:02 - 2015-05-04 16:51 - 00000000 ____D () C:\AdwCleaner
2015-05-04 15:01 - 2015-05-04 15:02 - 02204160 _____ () C:\Users\Marvin\Downloads\AdwCleaner_4.203.exe
2015-05-04 14:33 - 2015-05-04 14:33 - 00001222 _____ () C:\Users\Marvin\Desktop\mbma.txt
2015-05-04 13:39 - 2015-05-05 15:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-04 13:35 - 2015-05-04 13:35 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-04 13:35 - 2015-05-04 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-04 13:35 - 2015-05-04 13:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-04 13:35 - 2015-05-04 13:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-04 13:35 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-04 13:35 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-04 13:35 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-04 13:33 - 2015-05-04 13:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-2.1.6.1022(1).exe
2015-05-04 13:32 - 2015-05-04 13:32 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Marvin\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-03 15:10 - 2015-05-03 15:10 - 00010743 _____ () C:\ComboFix.txt
2015-05-03 14:54 - 2015-05-03 15:10 - 00000000 ____D () C:\ComboFix
2015-05-03 14:51 - 2015-05-03 14:53 - 05619691 _____ (Swearware) C:\Users\Marvin\Downloads\ComboFix(2).exe
2015-05-03 14:34 - 2015-05-03 14:34 - 05619691 _____ (Swearware) C:\Users\Marvin\Downloads\ComboFix(1).exe
2015-05-03 14:30 - 2015-05-04 16:53 - 00054558 _____ () C:\Windows\PFRO.log
2015-05-03 11:11 - 2015-05-03 15:10 - 00000000 ____D () C:\Qoobox
2015-05-03 11:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-03 11:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-03 11:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-03 11:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-03 11:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-03 11:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-03 11:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-03 11:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-03 11:10 - 2015-05-03 11:27 - 00000000 ____D () C:\Windows\erdnt
2015-05-03 11:08 - 2015-05-03 14:50 - 05619691 ____R (Swearware) C:\Users\Marvin\Downloads\ComboFix.exe
2015-05-03 10:27 - 2015-05-03 10:27 - 00001057 _____ () C:\Users\Marvin\Desktop\Revo Uninstaller.lnk
2015-05-03 10:26 - 2015-05-03 10:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Marvin\Downloads\revosetup95.exe
2015-05-03 10:26 - 2015-05-03 10:26 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-05-02 12:38 - 2015-05-02 12:38 - 00051696 _____ () C:\Users\Marvin\Desktop\Addition.txt
2015-05-02 12:01 - 2015-05-02 12:01 - 01140736 _____ (Farbar) C:\Users\Marvin\Downloads\FRST(1).exe
2015-05-02 00:44 - 2015-05-04 17:32 - 00050925 _____ () C:\Users\Marvin\Downloads\Addition.txt
2015-05-02 00:36 - 2015-05-05 19:03 - 00016081 _____ () C:\Users\Marvin\Downloads\FRST.txt
2015-05-02 00:35 - 2015-05-05 19:04 - 00000000 ____D () C:\FRST
2015-05-02 00:35 - 2015-05-02 00:35 - 01140736 _____ (Farbar) C:\Users\Marvin\Downloads\FRST.exe
2015-05-02 00:33 - 2015-05-02 00:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-02 00:33 - 2015-05-02 00:33 - 00000000 _____ () C:\Windows\setupact.log
2015-04-21 11:54 - 2015-04-21 11:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-08 16:01 - 2015-04-08 16:01 - 00015918 _____ () C:\Users\Marvin\Documents\Bewerbung_Ketchum Pleon_ Trainee für den Bereich Internationale Consumer- und Lifestyle PR_Marvin Woltering.mht
2015-04-08 08:34 - 2015-04-08 08:52 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-05 19:01 - 2008-12-05 01:15 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Skype
2015-05-05 18:58 - 2009-09-20 11:54 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-05 18:56 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 18:56 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 18:25 - 2012-05-02 15:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 18:13 - 2012-02-12 15:26 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\MediaMonkey
2015-05-05 17:11 - 2007-09-09 20:58 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{9EAB2C29-4772-4909-93A0-861FD4D7901E}.job
2015-05-05 14:38 - 2006-11-02 12:33 - 01504342 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 13:58 - 2009-09-20 11:54 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 13:58 - 2007-07-11 01:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-05 13:27 - 2007-08-14 10:32 - 02060686 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 13:00 - 2008-09-28 21:19 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\OpenOffice.org2
2015-05-05 12:56 - 2013-08-06 22:02 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-05 12:56 - 2006-11-02 15:01 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-05 12:56 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 12:42 - 2007-07-11 00:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-05-04 16:37 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\tracing
2015-05-04 16:07 - 2012-02-12 14:12 - 00000000 ____D () C:\ProgramData\InstallMate
2015-05-04 14:31 - 2013-11-16 22:01 - 00000000 ____D () C:\temp
2015-05-04 10:55 - 2015-01-21 17:17 - 00000000 ____D () C:\Users\Marvin\Desktop\Bewerbungsmappe
2015-05-03 15:06 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2015-05-03 11:30 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2015-05-03 11:30 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2015-05-01 11:05 - 2009-09-20 11:58 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-23 07:48 - 2012-10-23 10:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-20 07:57 - 2010-01-11 15:25 - 00000000 ___RD () C:\Program Files\Skype
2015-04-20 07:57 - 2008-12-05 01:13 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 12:27 - 2012-05-02 15:30 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 12:27 - 2011-12-07 12:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-09-11 17:29 - 2013-09-11 17:29 - 0024206 _____ () C:\Users\Marvin\AppData\Roaming\UserTile.png
2007-09-17 15:37 - 2012-12-08 16:19 - 0068608 _____ () C:\Users\Marvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-12-20 12:56 - 2007-12-20 12:56 - 0000094 _____ () C:\Users\Marvin\AppData\Local\fusioncache.dat
2010-03-29 16:54 - 2011-11-04 18:45 - 0004096 ____H () C:\Users\Marvin\AppData\Local\keyfile3.drm
2007-10-16 19:35 - 2013-04-06 21:58 - 0026578 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Marvin\AppData\Local\Temp\Quarantine.exe
C:\Users\Marvin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-05 13:03
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-05-2015
Ran by Marvin at 2015-05-05 19:13:51
Running from C:\Users\Marvin\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3812302364-2943708330-2316275247-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3812302364-2943708330-2316275247-1020 - Limited - Enabled)
Gast (S-1-5-21-3812302364-2943708330-2316275247-501 - Limited - Disabled)
Marvin (S-1-5-21-3812302364-2943708330-2316275247-1003 - Administrator - Enabled) => C:\Users\Marvin
SophosSAUMARVIN-PC0 (S-1-5-21-3812302364-2943708330-2316275247-1008 - Limited - Enabled)
SophosSAUMARVIN-PC1 (S-1-5-21-3812302364-2943708330-2316275247-1013 - Limited - Enabled)
SophosSAUMARVIN-PC2 (S-1-5-21-3812302364-2943708330-2316275247-1018 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
ATI Catalyst Install Manager (HKLM\...\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}) (Version: 3.0.641.0 - ATI Technologies, Inc.)
ccc-core-static (Version: 2007.0621.1715.28924 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Creative Live! Cam Vista IM Driver (1.00.03.0000) (HKLM\...\Creative VF0420) (Version: - )
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.1 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hervorhebe-Funktion (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
Java(TM) 6 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160040}) (Version: 1.6.0.40 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MediaMonkey 4.0 (HKLM\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office PowerPoint Viewer 2003 (HKLM\...\{90AF0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8305.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 2.4 (HKLM\...\{43721D86-16D1-46BF-8353-37CD82333BC3}) (Version: 2.4.9310 - OpenOffice.org)
PDF24 Creator 6.0.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Drive Manager (HKLM\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.140 - Clarus)
Skins (Version: 2007.0621.1715.28924 - ATI) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VideoLAN VLC media player 0.8.6c (HKLM\...\VLC media player) (Version: 0.8.6c - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Favorites für Windows Live Toolbar (HKLM\...\{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}) (Version: 03.01.0146 - Microsoft Corporation)
Windows Live installer (HKLM\...\{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Messenger (HKLM\...\{2B091530-69AA-442E-AB09-39ED06B58220}) (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Marvin\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3812302364-2943708330-2316275247-1003_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2015-05-03 11:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3E7F004C-952E-4326-B764-AE0FCA2ED570} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {66262128-77BC-4C4D-9ABD-DDB3A4A314EC} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
Task: {7C78DD48-01AB-425E-A4F1-3E87451B3C7A} - System32\Tasks\{6706F336-7BA5-4370-A82C-A7AC9F055872} => pcalua.exe -a "C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe" -c -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
Task: {B2E3BFF5-D5AC-4835-9E58-BFCCA72C2984} - System32\Tasks\{E436749C-18B2-4202-9AEC-D4745F416333} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104/en/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent
Task: {D78CEBD1-F971-4FA5-AD71-1DB08426EC06} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2007-06-01] (SAMSUNG Electronics)
Task: {DA5EC99D-4C71-4DD4-B5C0-6001FBFA4D03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-25] (Google Inc.)
Task: {DB0E9DA4-B43A-484D-B076-26F9FC5BDD94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-25] (Google Inc.)
Task: {E35C91ED-18E1-4F0B-AD6D-DAA78317DD43} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2007-06-29] (SAMSUNG Electronics co., LTD.)
Task: {E652F474-AD61-4358-8EBA-5A46108F89B8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{9EAB2C29-4772-4909-93A0-861FD4D7901E}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) ==============
2015-01-02 20:39 - 2014-02-15 08:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2009-09-17 20:01 - 2009-08-16 17:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2006-11-02 12:25 - 2007-06-13 17:11 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2007-07-11 00:49 - 2007-02-23 11:32 - 00065536 _____ () C:\Program Files\Samsung\EBM\ChkSec.dll
2007-07-11 00:45 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2007-07-11 00:45 - 2006-09-19 02:52 - 00028672 _____ () C:\Program Files\Samsung\Easy Display Manager\WinMove.dll
2007-07-16 09:59 - 2007-07-16 09:59 - 00007680 _____ () C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
2008-06-12 23:51 - 2008-01-19 09:35 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2007-12-19 15:04 - 2007-12-19 15:04 - 00828416 _____ () C:\Program Files\OpenOffice.org 2.4\program\libxml2.dll
2015-04-15 12:27 - 2015-04-15 12:27 - 16863920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3812302364-2943708330-2316275247-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{B5257111-868D-4D62-8D67-ED79580751EA}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe
FirewallRules: [{C296273D-2D11-46EF-A8D7-1B7FB5B25603}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe
FirewallRules: [TCP Query User{E225BE6B-04AB-4BBF-AB10-22202D423515}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe
FirewallRules: [UDP Query User{B530DFE8-A759-4035-A882-120E540E6590}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe
FirewallRules: [{2CEF263C-8BA0-42E3-8CCA-C313204E42C0}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6010843B-93E2-4DCD-9BD2-AE79105C42E0}] => (Allow) svchost.exe
FirewallRules: [{368988DD-952B-41AC-B1EF-56C68B1469B9}] => (Allow) C:\Program Files\Windows Live\Messenger\livecall.exe
FirewallRules: [TCP Query User{3CF7BA38-B514-4224-BE56-FA964C528B43}C:\program files\icq6\icq.exe] => (Block) C:\program files\icq6\icq.exe
FirewallRules: [UDP Query User{9F722EDA-A541-42D9-9781-959C0CD3713B}C:\program files\icq6\icq.exe] => (Block) C:\program files\icq6\icq.exe
FirewallRules: [TCP Query User{E5F8B51E-D693-441E-B706-53B404E39B4E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5CA16B04-49F2-4A4F-A3E9-40E5870A26E9}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8818E1D2-F265-41C7-A8ED-25513C124895}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{D675D461-3D2D-4291-93FE-9BABABE1B137}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{CB66578F-A59D-40B5-A77F-2267897411C6}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{D678793D-1252-45B4-8104-27F0032F7970}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{75E5D634-7E57-4100-A4B6-27B008D73F86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B096C300-DC47-43E2-BEE5-79DB8D4BE6BE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{9EDFC4B2-36E9-4933-861A-81B4B5471B7E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C47735F3-B242-426E-80A2-599419DEC517}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{19129BFF-6538-4B8A-8CE5-D9A3AAE18E41}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{64D93662-F765-4682-BB58-872C074C8901}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{3A86E1CD-C4F1-41C2-AFAA-CFE2D0121900}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{7C5B0686-4816-4094-9F4D-5EF45EBABC29}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{703E1ADC-9BDB-4D7E-A719-4BD24CB934AF}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{7BCCE7B8-1341-4AB0-8427-32F627DB80EE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6F814957-2CAE-48B1-B51A-560A762092A5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{47BF6113-61BB-41A6-907B-691A6BAF6E04}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{87AE2AC7-EEF8-469B-97E3-E6D6A78C1614}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6359B130-51D5-4261-85F3-DD9BC34D11B5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{34868F23-94D1-4302-9DAF-DE3BD5DB5463}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{37B67640-DF03-49EC-8810-9711F427ABAD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E4F47131-20F6-485C-80E7-55762F764D89}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6139CC02-1041-4DFE-8D7F-29254950F5AC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A81CADE0-01C2-4E4C-BD5F-F98B3BBB8E8A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{EFA1050B-CA56-4C32-B9F0-FE7C254C1CB0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0B2F250A-A068-49A0-A83A-2ACA4DA01227}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{28BFDD2B-C164-40B0-B67C-F66A21E5CD0B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BE611FAE-1791-45A8-875B-39BE5542B92E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{89830041-858E-47B9-B91A-EF6C30FE9D6D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{976EC848-6C38-4562-80DB-156A0E4E2922}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1A89D743-9670-4959-8AF5-4C0E33D31A92}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CE869513-76C0-4BEC-9B8B-4E6661932013}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{86ACA73B-2EF8-427E-A46E-E7296155B7AD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CB9A8E6C-95B4-4A7A-8E18-7722CB8F9CA2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CAA017D3-1702-4A80-8231-6D96A9B2AEAE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1D1B32D3-63FA-49F0-8801-835032D1C51E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F40EEAA2-AFB0-4399-A8D2-0655F2AC5182}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B2940BC9-B9F6-4866-8F7A-F85332FAF905}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{34A08910-D8AA-407E-AFB5-6A0317DA3BCB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B36567A8-6AA2-44AD-89A0-3B9AF3B83146}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{38DCE8B3-D66A-4171-8799-8CAD70BFFA4B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FBE6465B-6FFF-4A63-BA8D-D437351F96F3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8CDB4996-573D-4CDB-B275-220328462482}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AE6CAA14-EEC1-447D-969C-76FEFF3A3E2A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{35D1EF9E-20E9-4AD1-AF4A-E3B434642196}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{D0DBB451-AEC8-46D4-AB07-CECB596D79DE}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{39321C03-0771-42C3-B085-544657699A6E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E79C6DB8-D253-44F3-8315-5B9ADFE306B2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{72A2F584-EC79-4C61-B904-099F5EBFBC1B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0CFF4983-422B-4042-A80A-A30997BCBB78}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6CB214B6-2C89-43B2-8327-566DDC06B3D7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{84BB018A-9B91-4886-BB67-34E87A741535}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{611D69FF-ABBA-4C25-B8C0-4607D762EFAD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{81D9FE78-20F9-4AFA-9B62-4BAEF735F4D6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F987F91E-9B1A-4056-AFF6-5D491B232C2C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{054003A9-AF9C-4211-B910-EC8A5CD3337C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C5FF4EFB-F07D-4BC9-AB4E-B87BAB0C65B6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0E211616-B438-46DD-A3F4-ED2544801B53}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5708F15D-F639-4790-9849-93C4BFA2E64D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{94BD14FA-DB1F-43D3-8557-7B96E028CF8B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{7B4B2305-37F7-406E-BDE7-0203245A69F0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{64327D6D-49A7-4DA3-8E29-BD8D24094AC8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A0EECE74-1FE5-424A-94E2-A26E90FAE065}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B21A698E-5F4F-4E76-A6DE-C5EA80867249}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{86639027-D023-4917-AD9B-70CF3E6ADD21}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B386548A-F289-408A-9F6B-AD04D86D530D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2370DE8E-8AF5-4E43-88C1-B966A5A522BE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9C311DA9-84DC-46E4-9C8D-34D6224082B8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{54345FA1-5B6E-4B24-BA21-392D0271B1A3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{ED81BD4C-DA2A-4CA5-AE48-5CAD1E1A4191}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F2746A99-E766-44D2-9341-0557C704F5F4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5E10FE83-361E-4C15-A0E2-E021CBEC2321}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E2C92F4F-8A07-41BD-B2AF-A41208697039}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6FDE4CBD-F7BD-42F2-BC21-A0BE8004A35A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6FE571A5-E656-4CF8-B7EA-74F296CB9FC2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1801917C-0F17-4DA5-BB57-31985C6328ED}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DB967964-BC0C-480A-BB69-CB3C130287B3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{95AB9B7F-9B1C-4B04-B91E-0B98F052C94F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CEBC32C8-F651-4D12-A7CE-4C6161F14CA6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C4830912-2AC5-4633-A6D7-54EC16D68F84}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F2EBDDC9-9ED8-41B7-8039-BB9C68755B5B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{154ABE5E-2E77-4A9E-99FE-220F2157D6EA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{41824C85-27D9-4B01-B1E1-10F325AE7971}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5351DD0F-8272-44EA-B947-F5A6D31FC414}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1EFC7098-1B7C-4E99-832A-D017FAE18671}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B2F0916E-20BA-4C8C-A32B-EBC23C4553C7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9671C386-786E-4FCC-AB7F-FBB9EE22BA77}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5454263E-F2D9-4191-A268-29F6952FCDB8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4D8BF7A2-4057-45B1-B6EA-9D7540F0F820}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2ECE2EF9-FF6E-42CE-9FEB-6750CBFA0ADA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{196ACCE6-0F43-468B-89AB-8C152D84BA6A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DD8B365E-CBE3-4294-858E-E22B6898BCD0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B853B8B7-0DBD-4BD1-BCD7-54E8AC10717B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DD31FD69-4C82-4C0D-A8B7-B23F0BAACCB7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5951DBA5-F10C-49A1-9635-518658758148}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{05B555D3-AFC1-4BD9-94BF-8912190547D4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4245B582-FA58-4DAD-BE9F-7FE8931C496C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8521EC5F-7452-4191-B5FD-EE7504691819}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D35036B8-BC08-45D5-8C45-2554970374E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9341E89C-96E4-491F-A796-10E8DD671E99}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E2C218E7-BB2F-4560-B737-29D45C8DCDAB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0B3C172B-F5A7-4EBA-94E8-BA57DA59AC79}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{76D91789-7A53-43CC-93BC-5BD3A857ED1A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{61BD345B-F086-488A-BC07-033BC9D6C9CA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AD7B366B-9036-4682-ABF3-14F77610FA84}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5AFBF59A-0559-4355-8DA6-613BBF89B288}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{7D6F7EF1-9A7E-4D89-96A4-2E6E5853994E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0EECE648-DB37-4FAB-8BC7-8B7F711FB75F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B70044C9-9A7A-40AB-93D2-5DF66E3C31D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{71A902E0-5551-4435-822A-5D13DA24321F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2B28E96A-8925-4B3D-9ECD-55CE22C43663}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6B3E77DF-A5D1-4487-8CAD-7FBCB55A9E34}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{0FFFE0ED-A813-46CD-BC52-55450E9FD57D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F48E1533-70A2-453B-B8F9-F48322FE8B1D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{528AEDBA-F331-4673-A9BB-E4EF85AE1D6E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{293096AA-1EE5-432A-9103-2811C5665EB7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8FF113C1-6B50-4C87-9430-78DC366AB710}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5C49C3EE-BBF0-4585-8F6D-A62D54E53B18}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE0F5186-757D-4714-9D7E-E4D2DB31EC6A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CB22DBF8-B83A-44FB-B69B-33E5A4216050}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4811B849-54EB-4F78-94A7-9D04E5754BFE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{38224223-8372-4497-9766-450A8CE63792}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{3A2EB6BE-4E20-417C-9082-A4539A4F5205}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{EB452C2C-9ACC-4208-93D9-6015B2112A7A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{32A31042-800C-4487-BF78-67B070D4D269}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{76488EF3-B300-4AC3-920D-3EC18F632BD9}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{3720310F-95AE-42C1-8308-23F979747DB5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A7780551-3293-4227-8B3D-A37AC7DE506A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D3481C11-8019-48C4-8F9A-FAF2B13043EE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE6961D1-54A0-428C-837D-A21716B57BC1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BE5D7EEA-7690-4248-9968-5C0CC2F5149B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4BC3EE08-57D2-4245-A200-C5D7BCC0DA8C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DD012C33-915E-48AA-AF68-68534F2FDA98}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{30EFDDCB-C947-49AC-BB63-CE04964F40EB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{89FB1CF4-ED23-46FB-9716-EF2F5884E165}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5495D57D-DEBD-4BEB-B0F5-2EF28280D271}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B84C87A4-AC74-42E7-BB80-3903367E6117}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6A64CE74-7B22-4730-93FC-9C5417BB5020}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{84D10A7B-23F5-4CC6-8E9A-722A4249AC28}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{8E22A4BF-4CF0-4195-B39D-065855C2A3FA}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{F699E274-E216-40A4-9B5E-19816BD33E2F}] => (Allow) LPort=80
FirewallRules: [{39329EA3-CA58-4F8D-8CDD-AED45BF6C320}] => (Allow) LPort=80
FirewallRules: [{5B13E757-6D0A-4EBA-82B5-33F843CE0742}] => (Allow) LPort=80
FirewallRules: [TCP Query User{729370D6-DFFC-4AF2-827C-1969C9008EF5}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{B92523FF-B1B6-4A20-B230-82073DE9761F}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{2CB2620E-CC80-44C4-9779-E3AEE7910C8C}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{870DE890-B10E-4402-AD1A-11A58E81C656}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{115D733B-4DE3-4B4C-BBAA-304916AEB338}] => (Allow) D:\Silent Hunter 5\sh5.exe
FirewallRules: [{55FCCFB2-10ED-4B76-AE95-E03747C76FB9}] => (Allow) D:\Silent Hunter 5\sh5.exe
FirewallRules: [{35BB37B6-18C5-42BF-B9B9-A71EF6A21C06}] => (Allow) C:\Ubisoft\Silent Hunter 5\sh5.exe
FirewallRules: [{5ED769C8-F9D0-470F-892A-148998258F31}] => (Allow) C:\Ubisoft\Silent Hunter 5\sh5.exe
FirewallRules: [{50116C54-866B-4585-9BED-78BC6C9F21D2}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{CACDC56B-169B-4C9A-8760-7CC018967557}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{9DD268BD-B01D-4C25-8063-38C5642EE2C4}] => (Allow) C:\Users\Marvin\AppData\Local\Temp\Addons\4AA3210B\incredibar_install.exe
FirewallRules: [{DE762570-18CA-4EC4-8472-CBDEE39E624B}] => (Allow) C:\Users\Marvin\AppData\Local\Temp\Addons\4AA3210B\incredibar_install.exe
FirewallRules: [TCP Query User{C44D2269-5F92-4237-88BA-96E881CE3DF2}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{8D473C12-EBE7-4FDA-A4B0-8058F5D71FB1}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{90F7C6E0-A70C-4321-BE68-99D85E80D91E}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{C09C030D-0A18-4EB0-AB96-4E83F3B7B363}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{27DF5034-E580-4C38-B2EF-122202B88E4D}C:\program files\mediamonkey\mediamonkey.exe] => (Block) C:\program files\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{AF55D7D6-0FBA-40DB-8EF0-A74D3BC55733}C:\program files\mediamonkey\mediamonkey.exe] => (Block) C:\program files\mediamonkey\mediamonkey.exe
FirewallRules: [{7572CA8F-A29C-4742-A092-34CE091CA6C5}] => (Allow) C:\Users\Marvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{71EEC049-2885-4629-A89C-9E41F3B05E21}] => (Allow) C:\Users\Marvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4B5386CD-90A4-4BDD-AB17-EE3F8362D151}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{42F959D9-259B-4DD2-9C61-2538A23F1E58}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{AB3EBD70-2014-4C35-A299-D431720BCF0A}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{9B23E987-6587-4EA8-A72F-72D73DCF6072}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{67519EDB-B551-45CD-A6E2-31D2EE878E4D}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{8596F5B2-6145-4551-97E8-4B1225022852}] => (Allow) C:\Program Files\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [TCP Query User{E2CFAA99-0018-4B8B-A656-F8830D908770}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{494F8839-64B8-4324-9BAD-9FA61F6DFB71}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{4B90A65E-51FD-4681-AD6C-2B1852ABFE10}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{33B67600-100C-4478-BF3F-5C8E9FEC4ECC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E8360B15-0C9F-46B5-B73A-CCE3CEF8707B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E8F76942-0CDF-49A6-B9B4-81709A0267D0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (05/05/2015 01:52:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {c6fd1a95-d04b-4cdb-8cf4-41c87e4c0951}
Error: (05/04/2015 10:03:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {e64846b9-05b7-44e7-aa14-827957e9100c}
Error: (05/04/2015 10:42:28 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {efc6245f-c2d7-4fb7-b861-41d8d7bfaa73}
Error: (05/03/2015 11:18:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung PEV.exe, Version 0.0.0.0, Zeitstempel 0x4e06cfe8, fehlerhaftes Modul PEV.exe, Version 0.0.0.0, Zeitstempel 0x4e06cfe8, Ausnahmecode 0x40000015, Fehleroffset 0x0008d1c0,
Prozess-ID 0x159c, Anwendungsstartzeit PEV.exe0.
Error: (05/03/2015 10:58:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d156484b-fbd3-491c-a173-5610a066d5b3}
Error: (05/03/2015 10:45:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d156484b-fbd3-491c-a173-5610a066d5b3}
Error: (05/03/2015 10:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung update_checker.exe, Version 4.3.0.0, Zeitstempel 0x525d9c67, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc, Ausnahmecode 0xc0000005, Fehleroffset 0x00065803,
Prozess-ID 0x418, Anwendungsstartzeit update_checker.exe0.
Error: (05/03/2015 10:41:28 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d156484b-fbd3-491c-a173-5610a066d5b3}
Error: (05/03/2015 10:29:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d156484b-fbd3-491c-a173-5610a066d5b3}
Error: (05/01/2015 06:45:03 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Dateisicherung ist fehlgeschlagen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)
System errors:
=============
Error: (05/05/2015 03:21:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/05/2015 01:03:59 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/05/2015 00:58:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WerSvc
Error: (05/05/2015 00:58:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Spooler
Error: (05/05/2015 00:58:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMService
Error: (05/05/2015 00:58:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: SQL Server VSS Writer1
Error: (05/05/2015 00:58:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (05/05/2015 00:56:26 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (05/05/2015 00:56:25 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.8.100 für die Netzwerkkarte mit der Netzwerkadresse 001E101F0000 wurde durch den DHCP-Server 192.168.8.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (05/04/2015 05:12:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Samsung Drive Manager Service1
Microsoft Office Sessions:
=========================
Error: (08/01/2012 02:45:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/15/2009 02:06:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4061 seconds with 900 seconds of active time. This session ended with a crash.
Error: (04/24/2009 10:33:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 52 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-05-05 19:13:36.776
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:36.158
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:35.635
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:35.070
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:34.103
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:33.559
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:32.994
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:13:32.357
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:12:53.659
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-05 19:12:53.282
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Genuine Intel(R) CPU T2130 @ 1.86GHz
Percentage of memory in use: 66%
Total physical RAM: 1789.45 MB
Available physical RAM: 607.5 MB
Total Pagefile: 3828.45 MB
Available Pagefile: 2220.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:69.05 GB) (Free:0.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:70 GB) (Free:6.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 05393231)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=69 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |