
Log analysis and evaluation: two new tabs open automatically in Chrome

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

09.02.2015, 11:33   #1
legalstuff
 
Two new tabs open automatically in Chrome



As far as I can tell, Chrome's behaviour (opening two pages) only showed up after I installed "FVD & Scriptblock". But I'm not really sure.


Here are my log files then.
I hope I have prepared this reasonably well and you can help me get rid of this stuff soon.

The REVO uninstaller has just been installed.


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by horst (administrator) on ALIENWARE-PC on 09-02-2015 10:31:22
Running from H:\Download\Chrome_scantool
Loaded Profiles: horst & UpdatusUser (Available profiles: Alienware & horst & UpdatusUser & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
() C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Dokan\DokanLibrary\mounter.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
( ) C:\Windows\System32\lmabcoms.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
() C:\Program Files (x86)\gateprotect\VPN Client\bin\Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
() C:\Program Files (x86)\eM Client\MailClient.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4756240 2012-02-26] (Intel(R) Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12616 2012-02-09] (Alienware)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [Sound Blaster Recon3Di Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [880640 2011-12-21] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-02-05] (AVAST Software)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1636208 2011-12-01] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [23416869 2014-12-18] ()
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\...\MountPoints2: {6e62db59-c0ef-11e3-a26d-806e6f6e6963} - E:\autoRcd.exe
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\...\Run: [LMab1err] => C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [582312 2010-03-26] ( )
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\...\MountPoints2: {6e62db59-c0ef-11e3-a26d-806e6f6e6963} - E:\autoRcd.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll (ownCloud Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1653418148-1577307470-838468769-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53742;https=127.0.0.1:53742
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP8Glf1wtGedhNebHmqJA,,&q={searchTerms}
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1653418148-1577307470-838468769-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP8Glf1wtGedhNebHmqJA,,&q={searchTerms}
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5goOmlUCkFo_CcRTgLzOYCGL2oz9SVX5_Cg-iR1Lg9NoWuz-3VNhmXBImnoTBisoyj0hO1kPwdGSRX-VZpVt-mdva3wKJrNf0KJw,,
HKU\S-1-5-21-1653418148-1577307470-838468769-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {9F583CA9-4E69-489D-9BCA-D778B352BFE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {9F583CA9-4E69-489D-9BCA-D778B352BFE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {451C14FE-AB8C-47DB-90E1-EB8476589B11} URL = hxxp://search.igeared.com/dispatcher.aspx?i=66&tp=chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653418148-1577307470-838468769-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP8Glf1wtGedhNebHmqJA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653418148-1577307470-838468769-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP8Glf1wtGedhNebHmqJA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653418148-1577307470-838468769-1001 -> {99566F31-CAC4-4105-BC45-D4C2903C7146} URL = hxxp://search.igeared.com/dispatcher.aspx?i=66&tp=chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653418148-1577307470-838468769-1002 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653418148-1577307470-838468769-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP7yjE6JmEYiDOPnhYlsQ,,&q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKU\S-1-5-21-1653418148-1577307470-838468769-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1653418148-1577307470-838468769-1001 -> No Name - {837CC356-411E-4654-B2A2-ECA1F037979F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.45.1

FireFox:
========
FF ProfilePath: C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594
FF DefaultSearchEngine: Ixquick HTTPS - Deutsch
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\searchplugins\ixquick-https---deutsch.xml
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\artur.dubovoy@gmail.com [2015-02-09]
FF Extension: FlashFirebug - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\flashfirebug@o-minds.com [2014-12-11]
FF Extension: FireShot - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-01-30]
FF Extension: Flashblock - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-11]
FF Extension: ColorZilla - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2014-10-13]
FF Extension: Universal Downloader - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2015-01-28]
FF Extension: DownloadHelper - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-13]
FF Extension: Flash and Video Download - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-01-28]
FF Extension: colorPicker - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\colorPicker@colorPicker.xpi [2014-10-13]
FF Extension: FacebookBlocker - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\facebookBlocker@webgraph.com.xpi [2014-10-13]
FF Extension: FireBreak - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firebreak@filipjohansson.se.xpi [2014-10-13]
FF Extension: Firebug - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firebug@software.joehewitt.com.xpi [2014-10-13]
FF Extension: FireCompass for Firebug - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firecompass@stueckseln.de.xpi [2014-10-13]
FF Extension: Firefinder for Firebug - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firefinder@robertnyman.com.xpi [2014-10-13]
FF Extension: FireFontFamily - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firefontfamily@firebugextensions.org.xpi [2014-10-13]
FF Extension: FireFrame - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\fireframe@aptobits.com.xpi [2014-10-13]
FF Extension: Firepicker - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firepicker@thedarkone.xpi [2014-10-13]
FF Extension: FireQuery - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\firequery@binaryage.com.xpi [2014-10-13]
FF Extension: FirePath - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\FireXPath@pierre.tholence.com.xpi [2014-10-13]
FF Extension: HTTP UserAgent cleaner - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\HTTPUserAgentcleaner@addons.8vs.ru.xpi [2014-10-13]
FF Extension: Remove Google Tracking - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\jid0-DpogclPgnN9OvqNntEBbPZxBinY@jetpack.xpi [2014-10-13]
FF Extension: IP Address and Domain Information - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2014-10-13]
FF Extension: Remove Google Tracking for Copy - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\jid1-9GSm3Xm1Wr6yyg@jetpack.xpi [2014-10-13]
FF Extension: Print Preview Button - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\mail@sindre.at.xpi [2014-10-13]
FF Extension: PageRank Client - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\pagerank-client@koeniglich.ch.xpi [2014-10-13]
FF Extension: Seitwert.de Plugin - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\plugin@seitwert.de.xpi [2014-10-13]
FF Extension: Status-4-Evar - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\status4evar@caligonstudios.com.xpi [2014-10-13]
FF Extension: Video WithOut Flash - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\vwof@drev.com.xpi [2014-10-18]
FF Extension: Capture & Print - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2014-10-13]
FF Extension: Print/Print Preview - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi [2014-10-13]
FF Extension: NoScript - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-13]
FF Extension: Firebug Autocompleter - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{9aad3da6-6c46-4ef0-9109-6df5eaaf597c}.xpi [2014-10-13]
FF Extension: Update Scanner - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2014-10-13]
FF Extension: Web Developer - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-13]
FF Extension: Toggle Web Developer Toolbar - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2014-10-13]
FF Extension: User Agent Switcher - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-10-13]
FF Extension: Google Privacy - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2014-10-13]
FF Extension: Open With Photoshop - C:\Users\horst\AppData\Roaming\Mozilla\Firefox\Profiles\o748zewf.default-1413207193594\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2014-10-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-04-26]

Chrome: 
=======
CHR HomePage: Default -> hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5goOmlUCkFo_CcRTgLzOYCGL2oz9SVX5_Cg-iR1Lg9NoWuz-3VNhmXBImnoTBisoyj0hO1kPwdGSRX-VZpVt-mdva3wKJrNf0KJw,,
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSearchKeyword: Default -> search.yahoo.com
CHR DefaultSearchURL: Default -> hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxiS3ACJD5Aul-OxUXuVILXURTp3nNX63DceRLhoMtOujNlcZSwcgsxP3ZWShLGc4H5sTBgRWOF1QSlv6K9zhyDiqiNXsL_Sn1vPRmb0tkD34xnH6pVuQD8mLg-6CUBMuRo5L9JYJHxlZhlqWRP8Glf1wtGedhNebHmqJA,,&q={searchTerms}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-17]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-01]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdbaimlghobbjcnedilbjalppkblik [2014-05-01]
CHR Extension: (YouTube) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-24]
CHR Extension: ( Youtube Video Downloader) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bollmjkmlabkhadjdpnachohngimjmlo [2014-12-04]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-24]
CHR Extension: (ScriptBlock) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2014-12-04]
CHR Extension: (FVD (Free Video Downloader)) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdmkgpohdgeldgoojpommaknjaecjnng [2014-12-04]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbnpnlmfngmlcmkhjpbfokdphfehhjj [2014-05-01]
CHR Extension: (Baseflight - Configurator) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppkgnedeapfejgfimkdoninnofofigk [2015-01-17]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR Extension: (ColorPick Eyedropper) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2014-05-01]
CHR Extension: (Web) - C:\Users\horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-05] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-24] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-24] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [124928 2014-10-21] (Creative Technology Ltd)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed]
R2 DokanMounter; C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Dokan\DokanLibrary\mounter.exe [22736 2014-08-25] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1045504 2010-03-26] ( ) [File not signed]
R2 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [593920 2010-03-26] ( ) [File not signed]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] ()
R2 VPNService; C:\Program Files (x86)\gateprotect\VPN Client\bin\Service.exe [180224 2014-04-11] () [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe [4999680 2011-07-27] (Moonware Studios) [File not signed]
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-05] ()
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1066752 2014-10-21] (Creative Technology Ltd)
S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation)
S3 DCamUSBVM; C:\Windows\SysWOW64\Drivers\usbVM31b.sys [90581 2004-04-26] (VM) [File not signed]
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [121552 2014-08-25] (Windows (R) Win 7 DDK provider)
R2 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [771224 2014-08-26] (www.ext2fsd.com)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 lvsels64; C:\Windows\System32\DRIVERS\lvsels64.sys [67992 2009-10-07] (Logitech Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-10] (NVIDIA Corporation)
R2 ParagonLDM; C:\Windows\system32\drivers\biont_bs.sys [19208 2014-04-11] ()
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [131832 2013-03-14] (Ray Hinchliffe)
S3 SMIGrabber3E; C:\Windows\System32\Drivers\SmiUsbGrabber3E.sys [823040 2011-07-27] (Windows (R) Win 7 DDK provider)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-05] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 10:30 - 2015-02-09 10:31 - 00000000 ____D () C:\FRST
2015-02-06 17:45 - 2015-02-06 17:45 - 00000197 _____ () C:\Windows\system32\2015-02-06-16-45-06.065-AvastVBoxSVC.exe-3620.log
2015-02-06 17:43 - 2015-02-06 17:43 - 00301400 _____ () C:\Windows\Minidump\020615-34039-01.dmp
2015-02-06 17:07 - 2015-02-06 17:07 - 00001226 _____ () C:\Users\Public\Desktop\DJI NAZAM Assistant_2.20.lnk
2015-02-06 17:07 - 2015-02-06 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJI Product
2015-02-05 19:26 - 2015-02-05 19:26 - 00000247 _____ () C:\Windows\system32\2015-02-05-18-26-36.008-aswFe.exe-7584.log
2015-02-05 19:24 - 2015-02-05 19:26 - 00000247 _____ () C:\Windows\system32\2015-02-05-18-24-48.057-aswFe.exe-4812.log
2015-02-05 19:24 - 2015-02-05 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-24-46.023-AvastVBoxSVC.exe-5788.log
2015-02-05 19:23 - 2015-02-05 19:23 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-05 19:23 - 2015-02-05 19:23 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-05 18:39 - 2015-02-05 18:39 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-05 18:39 - 2015-02-05 18:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-05 17:19 - 2015-02-05 19:37 - 00002861 _____ () C:\Windows\system32\Drivers\etc\hosts_naza_backup
2015-02-05 11:23 - 2015-02-05 11:23 - 00000132 _____ () C:\Users\horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-02-04 18:33 - 2015-02-04 18:33 - 08836352 _____ () C:\Users\horst\Documents\ALIENWARE-PC.arn
2015-02-03 09:30 - 2015-02-07 13:46 - 00000000 ____D () C:\Users\horst\Desktop\Copter
2015-02-01 19:57 - 2015-02-01 19:57 - 00297560 _____ () C:\Windows\Minidump\020115-34117-01.dmp
2015-02-01 19:53 - 2015-02-01 19:53 - 00297656 _____ () C:\Windows\Minidump\020115-30498-01.dmp
2015-02-01 19:47 - 2015-02-01 19:47 - 00297656 _____ () C:\Windows\Minidump\020115-33228-01.dmp
2015-02-01 19:34 - 2015-02-06 17:42 - 818649275 ____N () C:\Windows\MEMORY.DMP
2015-02-01 19:34 - 2015-02-01 19:34 - 00303208 _____ () C:\Windows\Minidump\020115-34991-01.dmp
2015-02-01 19:33 - 2015-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\u-blox
2015-01-30 15:46 - 2015-01-30 15:46 - 00003292 _____ () C:\Windows\System32\Tasks\{BE0C694F-BC1C-40EB-90E0-7ED31433095F}
2015-01-30 15:36 - 2015-02-09 09:23 - 00000643 _____ () C:\Users\horst\mm.cfg
2015-01-30 14:41 - 2015-01-30 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AS-Soft
2015-01-30 14:41 - 2015-01-30 14:41 - 00000000 ____D () C:\Program Files (x86)\AS-Soft
2015-01-30 14:34 - 2014-04-11 22:56 - 00079360 _____ (Silicon Laboratories) C:\Windows\system32\Drivers\silabser.sys
2015-01-30 14:34 - 2014-04-11 22:56 - 00023552 _____ (Silicon Laboratories) C:\Windows\system32\Drivers\silabenm.sys
2015-01-29 19:18 - 2015-01-29 19:18 - 00002762 _____ () C:\Users\horst\Desktop\Baseflight - Configurator.lnk
2015-01-29 08:30 - 2015-01-29 08:30 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Vorlagen
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Startmenü
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netzwerkumgebung
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Lokale Einstellungen
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Eigene Dateien
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Druckumgebung
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 _SHDL () C:\Users\DefaultAppPool\Anwendungsdaten
2015-01-29 08:30 - 2015-01-29 08:30 - 00000000 ____D () C:\Users\DefaultAppPool
2015-01-29 08:30 - 2014-04-26 18:17 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-01-29 08:30 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-29 08:30 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-28 22:52 - 2015-02-06 17:07 - 00000000 ____D () C:\Program Files (x86)\DJI Product
2015-01-28 12:17 - 2015-01-28 12:17 - 33152739 _____ () C:\Users\horst\Downloads\Magnetische%20Störungen%20-%20Teil%202-SD.mp4
2015-01-28 12:03 - 2015-01-28 12:04 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-01-28 12:03 - 2015-01-28 12:03 - 00000000 ____D () C:\Users\horst\AppData\Roaming\FVD Suite
2015-01-28 12:03 - 2015-01-28 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FVD Suite
2015-01-28 12:02 - 2015-01-28 12:02 - 01003032 _____ () C:\Users\horst\Downloads\fvdsuite_installer.exe
2015-01-23 14:09 - 2015-01-23 12:12 - 00008356 ____N () C:\Users\horst\overlay.ini
2015-01-23 14:09 - 2015-01-23 12:12 - 00000000 ____N () C:\Users\horst\vorlagen.ini
2015-01-23 12:12 - 2015-01-23 14:09 - 00000243 _____ () C:\Users\horst\medcd.ini
2015-01-18 00:03 - 2015-01-18 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2015-01-17 20:13 - 2015-01-17 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STMicroelectronics
2015-01-17 20:13 - 2015-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\STMicroelectronics
2015-01-16 12:24 - 2015-01-16 12:24 - 00000072 _____ () C:\Autoconfig.ini
2015-01-16 12:24 - 2015-01-16 12:24 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-15 12:34 - 2015-01-15 12:34 - 03365208 _____ (Dirk Jansen ) C:\Users\horst\Downloads\MailCheckSetup284Build395.exe
2015-01-15 09:47 - 2015-01-15 09:47 - 00000055 _____ () C:\ProgramData\lmab.log
2015-01-15 09:31 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 09:31 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 09:31 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 09:31 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-15 09:31 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-15 09:31 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-15 09:31 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 09:31 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 09:31 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 09:31 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 09:31 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 09:31 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-15 09:31 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-15 09:31 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-15 09:31 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 20:58 - 2015-01-13 20:58 - 02474490 _____ () C:\Users\horst\Downloads\Kerstin-Face.psd
2015-01-10 12:18 - 2015-01-10 12:18 - 00244264 _____ () C:\Users\horst\Downloads\Firefox Setup Stub 34.0.5.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 09:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-09 09:55 - 2014-04-10 22:42 - 01366928 _____ () C:\Windows\WindowsUpdate.log
2015-02-09 09:23 - 2014-04-24 10:29 - 00000000 ____D () C:\Users\horst
2015-02-09 09:20 - 2014-04-24 18:28 - 00000000 ____D () C:\Users\horst\AppData\Roaming\vlc
2015-02-08 23:41 - 2014-04-24 12:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-08 23:21 - 2014-04-24 18:15 - 00000000 ____D () C:\Users\horst\AppData\Roaming\BOM
2015-02-08 18:39 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 18:39 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 18:34 - 2014-05-08 16:30 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 11:39 - 2014-04-24 13:12 - 00000000 ____D () C:\Users\horst\Desktop\Screenshots
2015-02-07 09:14 - 2014-12-27 22:19 - 00000000 ____D () C:\Users\horst\AppData\Roaming\eM Client
2015-02-06 18:38 - 2014-05-08 10:41 - 00000000 ____D () C:\Users\horst\Documents\Outlook-Dateien
2015-02-06 17:47 - 2014-04-11 07:32 - 00738022 _____ () C:\Windows\system32\perfh007.dat
2015-02-06 17:47 - 2014-04-11 07:32 - 00160088 _____ () C:\Windows\system32\perfc007.dat
2015-02-06 17:47 - 2009-07-14 06:13 - 01710638 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:43 - 2014-04-24 22:25 - 00000000 ____D () C:\Windows\Minidump
2015-02-06 17:42 - 2014-09-30 20:15 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-06 17:42 - 2014-04-24 11:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-06 17:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-06 17:42 - 2009-07-14 05:51 - 00070489 _____ () C:\Windows\setupact.log
2015-02-05 20:03 - 2014-04-24 11:41 - 00076506 _____ () C:\Windows\DPINST.LOG
2015-02-05 19:21 - 2010-11-21 04:47 - 00102372 _____ () C:\Windows\PFRO.log
2015-02-05 18:39 - 2014-04-24 12:01 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-05 18:39 - 2014-04-24 12:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-03 09:31 - 2014-05-02 19:13 - 00000000 ____D () C:\Users\horst\Desktop\Ablage-Temp
2015-02-01 19:34 - 2014-04-24 12:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-01 19:33 - 2014-04-24 17:57 - 00000000 ____D () C:\Program Files\DIFX
2015-01-31 07:53 - 2014-11-12 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-30 15:27 - 2014-05-09 22:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 15:27 - 2014-05-09 22:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 19:46 - 2014-04-24 18:17 - 00000000 ____D () C:\Users\horst\Desktop\Tools
2015-01-17 20:13 - 2014-04-24 10:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:30 - 2014-04-24 12:01 - 00002293 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 12:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool
2015-01-16 09:02 - 2014-04-24 12:33 - 01684918 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-15 12:35 - 2014-11-12 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailCheck
2015-01-15 12:35 - 2014-11-12 11:59 - 00000000 ____D () C:\Program Files (x86)\MailCheck
2015-01-15 09:36 - 2014-04-24 11:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 09:32 - 2014-04-24 11:59 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 21:04 - 2014-04-26 07:49 - 00000000 ____D () C:\Users\horst\AppData\Roaming\XnView
2015-01-10 12:20 - 2014-04-24 12:11 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-10 12:20 - 2014-04-24 12:11 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Files in the root of some directories =======

2015-02-05 11:23 - 2015-02-05 11:23 - 0000132 _____ () C:\Users\horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-08-11 20:42 - 2014-08-22 09:08 - 0027737 _____ () C:\Users\horst\AppData\Roaming\net.telestream.wirecast.xml
2014-05-09 08:09 - 2014-05-09 08:09 - 0000392 _____ () C:\Users\horst\AppData\Roaming\usenetft
2014-05-09 08:09 - 2014-05-09 08:09 - 0000392 _____ () C:\Users\horst\AppData\Roaming\usenetft.lock
2014-06-02 13:48 - 2015-02-05 11:27 - 0001456 _____ () C:\Users\horst\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-10-27 09:23 - 2014-10-27 09:23 - 0000600 _____ () C:\Users\horst\AppData\Local\PUTTY.RND
2014-07-20 15:01 - 2014-07-20 15:01 - 0003973 _____ () C:\Users\horst\AppData\Local\recently-used.xbel
2014-07-12 09:56 - 2014-07-12 09:56 - 0000017 _____ () C:\Users\horst\AppData\Local\resmon.resmoncfg
2014-05-29 18:35 - 2015-02-09 09:16 - 409699328 _____ () C:\Users\horst\AppData\Local\SageThumbs.db3
2014-11-22 19:05 - 2014-11-22 19:05 - 0000085 ___SH () C:\ProgramData\.zreglib
2014-07-12 12:26 - 2014-07-12 12:26 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-01-15 09:47 - 2015-01-15 09:47 - 0000055 _____ () C:\ProgramData\lmab.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 09:25

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by horst at 2015-02-09 10:31:46
Running from H:\Download\Chrome_scantool
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2.0 (HKLM-x32\...\Free Video to GIF Converter_is1) (Version: 2.0 - www.video-gif-converter.com)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}) (Version: 2.7.28.0 - Alienware Corp.)
Alienware Command Center (Version: 2.7.28.0 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )
Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden
AMD Catalyst Install Manager (HKLM\...\{993FE4D0-F7BB-F48A-9D70-E301142D282D}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Audacity 1.2.0 (HKLM-x32\...\Audacity_is1) (Version:  - )
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AutoFX Suites (HKLM-x32\...\AutoFX Suites) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-5 - Wacom Technology Corp.)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bitvise SSH Client 6.08 (remove only) (HKLM-x32\...\BvSshClient) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}) (Version: 1.0.106 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.9.0 - Brother Industries, Ltd.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
cFos Outlook DAV v1.16 (HKLM-x32\...\cFos Outlook DAV) (Version: 1.16 - cFos Software GmbH, Bonn)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.1.1.0177 - Code Laboratories, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
CS_Manager (HKLM-x32\...\CS_Manager_is1) (Version:  - )
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
DJI NAZAM Assistant version 2.20 (HKLM-x32\...\{407BF034-D1D3-4397-8887-72FE329100D8}_is1) (Version: 2.20 - DJI)
eM Client (HKLM-x32\...\{B3EBF7DE-2A5B-4E10-9438-931EE6B22C05}) (Version: 4.0.15145.0 - eM Client Inc.)
EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
Ext2Fsd 0.53 (HKLM\...\Ext2Fsd_is1) (Version: 0.53 - Matt Wu)
FileMaker Pro 11 Advanced (HKLM-x32\...\{C53BECC0-C579-44F8-A995-E97FACB04DFC}_FileMaker) (Version: 11.0.3.0 - FileMaker, Inc.)
FileMaker Pro 11 Advanced (x32 Version: 11.0.3.0 - FileMaker, Inc.) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flash Loader Demonstrator V2.4.0 (HKLM-x32\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics)
Flash Loader Demonstrator V2.4.0 (x32 Version: 2.4.0 - STMicroelectronics) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
FVD Suite 3.0.0 (HKLM-x32\...\{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1) (Version:  - flashvideodownloader.org)
gateprotect VPN Client 4.0 (HKLM-x32\...\gateprotect VPN Client 4.0) (Version:  - )
Genius (HKLM-x32\...\{BBBAAD3E-0B95-496E-A939-F54309F26856}_is1) (Version: 1.3.6 - A.Schmiedeberg)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
IcoFX 2.6 (HKLM-x32\...\IcoFX 2_is1) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.00.0000 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Lexmark Software deinstallieren (HKLM\...\Lexmark_HostCD) (Version:  - Lexmark International, Inc.)
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{8C2E5023-6DD7-4AF2-BE6D-E4866DE3E8AC}) (Version: 4.2.3.3 - The Document Foundation)
LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{40D57CD4-BD8C-4FB8-9ACB-83525D0A2063}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X5 (HKLM-x32\...\MAGIX_{9624820E-108F-4854-B5A9-24EDCC24CC93}) (Version: 12.0.10.28 - MAGIX AG)
MAGIX Video Pro X5 (Version: 12.0.10.28 - MAGIX AG) Hidden
MailCheck 2 Version 2.84 (Build 395) (HKLM-x32\...\MailCheck_is1) (Version: 2.84 (Build 395) - Dirk Jansen)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi Webcam Video Recorder 2.2 (HKLM-x32\...\Multi Webcam Video Recorder_is1) (Version:  - DGTSoft Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
MysticThumbs (HKLM\...\{ED321628-843E-4319-8C6D-CB3C919323AC}) (Version: 1.9.8 - MysticCoder)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google)
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.13.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
outlook_dav (HKU\S-1-5-21-1653418148-1577307470-838468769-1001\...\BD6B9EC7CF7AD0CFDA8AD98E4A649F10726F5B31) (Version: 1.20.0.1200 - cFos Software)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.7.1.4382 - ownCloud)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Paragon ExtFS for Windows (HKLM-x32\...\ParagonExtFS) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pinnacle USB device drivers (HKLM-x32\...\{9C0ADF96-20E7-4671-88D2-39B5A307E2A2}) (Version: 2.0.19 - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAW Shell Extender 0.4.0.0 (HKLM-x32\...\{569975C3-C149-4618-986C-6280B53FDC55}) (Version: 0.4.0.0 - idFox Holding BV)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
SageThumbs 2.0.0.19 (HKLM\...\SageThumbs) (Version: 2.0.0.19 - Cherubic Software)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Skype™ 5.2 (HKLM-x32\...\{5335DADB-34BA-4AE8-A519-648D78498846}) (Version: 5.2.113 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SMI USB Grabber (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.02 - Somagic Inc)
Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)
SuperViewer (HKLM-x32\...\{FF66B22F-F996-41BA-80A5-9D98CE5FB8E5}) (Version: 1.0.0.2 - Somagic Inc)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
Thrustmaster USB PC Camera (HKLM-x32\...\{45C6317C-2577-4BD6-93D3-617B741EB9D3}) (Version:  - )
TM507 Webcam (HKLM-x32\...\{7F5A0E78-2B5A-4689-A91D-D60D83FC45E1}) (Version:  - )
u-center_v8.13 (HKLM-x32\...\u-center_v8.13) (Version: 8.13 - u-blox)
UltraISO Premium V9.61 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
webcam 7 (HKLM-x32\...\webcam 7) (Version: 0.9.9.22 - Moonware Studios)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows 7 Codec Pack 3.0.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows Driver Package - Pololu Corporation CP2102 USB-to-Serial Bridge Driver (10/05/2012 6.6.0.0) (HKLM\...\CBDC7C39EE7C949A0CE5E2BAFB214055611003A7) (Version: 10/05/2012 6.6.0.0 - Pololu Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (10/05/2012 6.6.0.0) (HKLM\...\5118100F6945E20FB40C6DEA7D3D348AFD9E43D7) (Version: 10/05/2012 6.6.0.0 - Silicon Laboratories)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Windows-Treiberpaket - u-blox AG (ubloxusb) Ports  (07/03/2013 1.2.0.8) (HKLM\...\FD26D50F08971338088D01BEDED393EC9F9C4FA7) (Version: 07/03/2013 1.2.0.8 - u-blox AG)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireshark 1.10.8 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, hxxp://www.wireshark.org)
Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM-x32\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version:  - Wisdom Software Inc.)
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version:  - Wisdom Software Inc.)
x64 Components v4.5.9 (HKLM\...\Advanced x64Components_is1) (Version: 4.5.9 - Shark007)
XMedia Recode Version 3.2.0.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.3 - XMedia Recode)
XnConvert 1.63 (HKLM\...\XnConvert_is1) (Version: 1.63 - Gougelet Pierre-e)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1653418148-1577307470-838468769-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

25-01-2015 11:55:46 Windows Update
28-01-2015 22:53:11 Gerätetreiber-Paketinstallation: dji-innovations inc. Anschlüsse (COM & LPT)
30-01-2015 09:46:43 Windows Update
03-02-2015 08:39:12 Windows Update
05-02-2015 18:38:24 avast! antivirus system restore point
06-02-2015 18:38:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-05 20:08 - 00002861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com

There are 36 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1044902E-A7EE-4E67-933C-ABD4829FDAF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24] (Google Inc.)
Task: {28C41845-C4A0-462D-AFEC-610CF1ECACB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-05] (AVAST Software)
Task: {2EACD7A5-CC76-4518-A97E-F62F76A00A14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24] (Google Inc.)
Task: {4261685D-21C8-4D1A-A037-C5501C9B3C09} - System32\Tasks\{A0683C11-CC10-4BFB-941A-5C0BEE556958} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-03-08] (Skype Technologies S.A.)
Task: {4E0997C6-B503-46A1-870E-8166CD021ED0} - System32\Tasks\{182BA96C-017F-48C6-9D5C-997133A90F90} => pcalua.exe -a D:\Transfer\CAM-Drivers\Logitech-Quickcam-Sphere\qc1051enu_x64.exe -d D:\Transfer\CAM-Drivers\Logitech-Quickcam-Sphere
Task: {5DBACA50-E557-4DEA-9743-27693517696B} - System32\Tasks\{BE0C694F-BC1C-40EB-90E0-7ED31433095F} => pcalua.exe -a H:\Download\Graupner\MX-20\Graupner_PC_Software_DE_V1.182\Receiver_Setup.exe -d H:\Download\Graupner\MX-20\Graupner_PC_Software_DE_V1.182
Task: {7EBDF500-2F39-4978-99F1-42EA223036F5} - System32\Tasks\{3D8D27CD-1F15-48E5-8013-B22C37D00634} => pcalua.exe -a D:\Transfer\pdf995_9.5\ps2pdf995_converter_1.3.exe -d D:\Transfer\pdf995_9.5
Task: {A6B65DF5-7CB6-4981-8FF8-6DCD7F9F6C55} - System32\Tasks\AdobeAAMUpdater-1.0-Alienware-PC-horst => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {A8FFCA0B-B6BB-4F48-A2FF-BCB175D8F3E5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-05-08] ()
Task: {AA9CDFF9-C0D0-46A5-969B-36DECE8E7AAA} - System32\Tasks\Paragon ExtFS for Windows => C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Paragon ExtFS for Windows.exe [2014-10-01] ()
Task: {C11D6153-94E2-4B6F-ADDD-E3FFC65CB2B7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CDC7F577-7BE3-4143-8030-9BC87C54DEF0} - System32\Tasks\{AC00FF05-9D72-4903-B2B1-757937F8C340} => pcalua.exe -a H:\Ralf\Backup_Ralf\Dazzle_Pinnacle\PCLEUSB.exe -d H:\Ralf\Backup_Ralf\Dazzle_Pinnacle
Task: {E2BA2F0C-ADAF-4B7C-9BB3-F133303BC6AC} - System32\Tasks\{C758B795-2FB7-4076-B051-D40687C1F8EE} => pcalua.exe -a E:\install.exe -d E:\
Task: {E77546B8-D541-40C5-9ED7-FF7BD52BD538} - System32\Tasks\{DCB1247C-B199-4659-B01E-FB299F387C64} => pcalua.exe -a H:\Ralf\Backup_Ralf\Dazzle_Pinnacle\PCLEUSB.exe -d H:\Ralf\Backup_Ralf\Dazzle_Pinnacle
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-24 11:47 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 22:52 - 2006-10-19 20:44 - 00047616 _____ () C:\Windows\System32\pdf995mon64.dll
2011-04-11 07:26 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2013-03-18 16:16 - 2013-03-18 15:16 - 01353728 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\spe__du.dll
2014-08-25 12:15 - 2014-08-25 12:15 - 00022736 _____ () C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Dokan\DokanLibrary\mounter.exe
2014-05-08 10:26 - 2003-04-18 18:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2014-05-08 10:26 - 2010-04-10 08:03 - 00077824 _____ () C:\Windows\KMService.exe
2014-04-24 19:47 - 2010-10-13 10:41 - 01182576 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2014-04-11 12:35 - 2014-04-11 12:35 - 00180224 _____ () C:\Program Files (x86)\gateprotect\VPN Client\bin\Service.exe
2015-02-05 18:39 - 2015-02-05 18:39 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-05 18:39 - 2015-02-05 18:39 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-17 12:44 - 2014-12-17 12:44 - 00059904 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2014-12-18 12:53 - 2014-12-18 12:53 - 23416869 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2011-12-01 19:00 - 2011-12-01 19:00 - 01636208 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2012-06-15 11:29 - 2012-06-15 11:29 - 13332480 _____ () C:\Program Files (x86)\eM Client\MailClient.exe
2014-04-24 11:58 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-02-05 23:22 - 2015-02-05 23:22 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020501\algo.dll
2015-02-05 18:39 - 2015-02-05 18:39 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-08 21:41 - 2015-02-08 21:41 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020801\algo.dll
2014-10-16 10:46 - 2014-10-16 10:46 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2014-04-24 10:50 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-24 10:46 - 2012-02-01 13:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-18 12:53 - 2014-12-18 12:53 - 03044905 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2014-09-24 09:23 - 2014-09-24 09:23 - 00158048 _____ () C:\Program Files (x86)\ownCloud\libneon-27.dll
2014-09-21 23:32 - 2014-09-21 23:32 - 00084012 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2014-09-22 02:45 - 2014-09-22 02:45 - 00095790 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2014-09-22 02:13 - 2014-09-22 02:13 - 00172695 _____ () C:\Program Files (x86)\ownCloud\libproxy.dll
2014-09-22 02:11 - 2014-09-22 02:11 - 00042626 _____ () C:\Program Files (x86)\ownCloud\libmodman.dll
2014-09-22 02:45 - 2014-09-22 02:45 - 00847430 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2014-09-22 01:05 - 2014-09-22 01:05 - 01150984 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 02164003 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 01288240 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 21540519 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2014-09-22 01:16 - 2014-09-22 01:16 - 00144533 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2014-09-22 01:15 - 2014-09-22 01:15 - 01345629 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2014-09-22 00:58 - 2014-09-22 00:58 - 00203567 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2014-12-18 12:53 - 2014-12-18 12:53 - 15901197 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2014-09-22 01:15 - 2014-09-22 01:15 - 00150916 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2014-09-22 01:08 - 2014-09-22 01:08 - 00197062 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2014-09-22 01:13 - 2014-09-22 01:13 - 00646511 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2014-09-22 02:28 - 2014-09-22 02:28 - 00247028 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2014-09-22 03:24 - 2014-09-22 03:24 - 00228655 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2014-09-24 08:38 - 2014-09-24 08:38 - 00052119 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00702136 _____ () C:\Program Files (x86)\ownCloud\platforms\qwindows.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00032568 _____ () C:\Program Files (x86)\ownCloud\imageformats\qgif.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00035173 _____ () C:\Program Files (x86)\ownCloud\imageformats\qico.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00048436 _____ () C:\Program Files (x86)\ownCloud\imageformats\qjpeg.dll
2011-12-22 16:31 - 2011-12-22 16:31 - 00593920 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\de-DE\SBRcni.resources.dll
2015-02-05 18:39 - 2015-02-05 18:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-12-18 10:07 - 2009-12-18 10:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2014-09-04 13:51 - 2014-09-04 13:51 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2012-02-09 10:20 - 2012-02-09 10:20 - 00015176 _____ () C:\Program Files\Alienware\Command Center\Hook32.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00875520 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\HTMLEditorControl\a0d44324268c67dcb565296720c1f4f0\HTMLEditorControl.ni.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00494592 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient.Mail\33510b71a2625ea8c5661d383939bbca\MailClient.Mail.ni.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00116224 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient.Collecti#\59cdfda68ddb26a4b36b7a6cbfd1921f\MailClient.Collections.ni.dll
2014-12-27 21:29 - 2014-12-27 21:29 - 31366144 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient\e4cb8d40a3ee99dc941ec1b6ad2e6792\MailClient.ni.exe
2014-12-27 21:28 - 2014-12-27 21:28 - 00024576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient.Interop\a6ae6db58444e68f7d37fdcdb4594448\MailClient.Interop.ni.dll
2012-02-23 19:33 - 2012-02-23 19:33 - 00590336 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2012-06-15 11:30 - 2012-06-15 11:30 - 00098304 _____ () C:\Program Files (x86)\eM Client\MailClient.XmlSerializers.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00494080 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\LinqBridge\6747ea2a530d222c0a23503ec626fdcd\LinqBridge.ni.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00107008 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient.Sasl\72f1bbb2efd8c848a0503b956c04f17d\MailClient.Sasl.ni.dll
2012-06-12 14:55 - 2012-06-12 14:55 - 00602112 _____ () C:\Program Files (x86)\eM Client\de\MailClient.resources.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00362496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\HtmlInterop\cbeb74043462795fa8cd1e1a3998e7c4\HtmlInterop.ni.dll
2014-12-27 21:28 - 2014-12-27 21:28 - 00239616 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MailClient.Imap.Base\021a4f0cbcfa043fa8ddf19be2538a77\MailClient.Imap.Base.ni.dll
2012-03-30 16:44 - 2012-03-30 16:44 - 00032768 _____ () C:\Program Files (x86)\eM Client\de\HTMLEditorControl.resources.dll
2011-02-07 19:00 - 2011-02-07 19:00 - 03669504 _____ () C:\Windows\SysWow64\ffdshow.ax
2009-08-11 22:19 - 2009-08-11 22:19 - 00797184 _____ () C:\Windows\SysWow64\ac3filter.ax
2009-08-11 22:21 - 2009-08-11 22:21 - 01021440 _____ () C:\Windows\SysWow64\ac3filter_intl.dll
2012-02-23 19:32 - 2012-02-23 19:32 - 00452096 _____ () C:\Program Files (x86)\eM Client\Hunspellx86.dll
2014-11-12 09:08 - 2015-01-31 07:53 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\horst\Lokale Einstellungen:2Epl4YIYrzju6HTMsVzhRsfc9vp
AlternateDataStreams: C:\Users\horst\Lokale Einstellungen:k8R4re0ao6eOQ4gJXbXqrgarTv
AlternateDataStreams: C:\Users\horst\AppData\Local:2Epl4YIYrzju6HTMsVzhRsfc9vp
AlternateDataStreams: C:\Users\horst\AppData\Local:k8R4re0ao6eOQ4gJXbXqrgarTv

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1653418148-1577307470-838468769-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\horst\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1653418148-1577307470-838468769-500 - Administrator - Disabled)
Alienware (S-1-5-21-1653418148-1577307470-838468769-1000 - Administrator - Enabled) => C:\Users\Alienware
Gast (S-1-5-21-1653418148-1577307470-838468769-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1653418148-1577307470-838468769-1004 - Limited - Enabled)
horst (S-1-5-21-1653418148-1577307470-838468769-1001 - Administrator - Enabled) => C:\Users\horst
rbrs4 (S-1-5-21-1653418148-1577307470-838468769-1006 - Limited - Enabled)
UpdatusUser (S-1-5-21-1653418148-1577307470-838468769-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:17:05 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)


System errors:
=============
Error: (02/09/2015 10:30:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 77 Mal passiert.

Error: (02/09/2015 10:30:41 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/09/2015 10:30:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 76 Mal passiert.

Error: (02/09/2015 10:30:31 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/09/2015 09:56:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (02/09/2015 09:18:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 75 Mal passiert.

Error: (02/09/2015 09:18:59 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/09/2015 09:17:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 74 Mal passiert.

Error: (02/09/2015 09:17:05 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/09/2015 09:16:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 73 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 10:30:31 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:18:59 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/09/2015 09:17:05 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen.  (HRESULT : 0x80040d02) (0x80040d02)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 8074.36 MB
Available physical RAM: 4243.19 MB
Total Pagefile: 16146.89 MB
Available Pagefile: 12133.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:24.21 GB) NTFS
Drive h: (WD-blue) (Fixed) (Total:912.99 GB) (Free:368.01 GB) NTFS
Drive r: (RECOVERY) (Fixed) (Total:18.45 GB) (Free:17.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: (NIKON D90) (Removable) (Total:7.39 GB) (Free:7.39 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7EC106BF)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 5910E06F)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

09.02.2015, 11:52   #2
schrauber
/// the machine
/// TB trainer

hi,

Quote:
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
Not nice. Remove the cracked software, then we'll continue.

16.02.2015, 15:23   #3
legalstuff

I'm still in the process of replacing the "third-party software"... it will take a while yet.

17.02.2015, 07:07   #4
schrauber
/// the machine
/// TB trainer

ok.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
