| |
| |||||||
Log-Analyse und Auswertung: Windows 7 auf einmal langsam, Festplatte umformatiert, viele Malwarebytes FundeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
07.08.2014, 19:13
| #1 |
| |  Windows 7 auf einmal langsam, Festplatte umformatiert, viele Malwarebytes Funde Hallo zusammen, ich habe folgendes Problem: vorgestern habe ich abends meinen PC eingeschaltet und er hat ewig zum Booten gebraucht. Als er dann endlich gebootet hatte, war eine Partition einer Datenplatte auf einmal unformatiert (RAW). Sie ließ sich nicht anklicken und auch nicht neu formatieren. Nach dem Virenscanner, der nichts gefunden hat (Avira) habe ich Malwarebytes laufen lassen, das ca 90 Funde hatte. Ich habe die alle in die Quarantäne verschoben. Heute ließ sich die Platte formatieren und damit auch die Langsamkeit beseitigen (habe ich nicht verstanden) aber das ungute Gefühl wegen der Malware bleibt. Dann bin ich auf das Forum hier gestoßen und hab einmal brav alles gemacht, was man laut To-Do machen sollte. Vielleicht weiß hier ja jemand etwas dazu. Die Logfiles füge ich ein: GMER: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-07 19:54:46 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4 SAMSUNG_SSD_830_Series rev.CXM03B1Q 238,47GB Running: Gmer-19357.exe; Driver: C:\Users\Max\AppData\Local\Temp\ufldypow.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002ff9000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff80002ff9042 4 bytes [00, 00, 00, 00] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 ? C:\Windows\system32\mssprxy.dll [2408] entry point in ".rdata" section 00000000718371e6 .text C:\Users\Max\AppData\Local\Akamai\netsession_win.exe[2852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Users\Max\AppData\Local\Akamai\netsession_win.exe[2852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 .text C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe[2912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe[2912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 .text C:\Users\Max\AppData\Local\Akamai\netsession_win.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Users\Max\AppData\Local\Akamai\netsession_win.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 .text C:\Users\Max\Downloads\Defogger.exe[4448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077da1465 2 bytes [DA, 77] .text C:\Users\Max\Downloads\Defogger.exe[4448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077da14bb 2 bytes [DA, 77] .text ... * 2 ---- Processes - GMER 2.1 ---- Library C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2476] (Copy Shell Extensions/Barracuda Networks, Inc.)(2014-03-12 06:46:22) 000007fef6400000 Library C:\Users\Max\AppData\Roaming\Copy\overlay\Brt.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2476](2014-03-12 06:46:22) 000007fef4780000 Library C:\Users\Max\AppData\Roaming\Copy\Gui.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880](2014-02-04 14:27:02) 000007fef1180000 Library C:\Users\Max\AppData\Roaming\Copy\Brt.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880](2014-02-04 14:43:24) 000007feef500000 Library C:\Users\Max\AppData\Roaming\Copy\QtCore4.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-08-05 22:47:16) 000000006fe40000 Library C:\Users\Max\AppData\Roaming\Copy\QtGui4.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-08-05 22:47:16) 000000006f4b0000 Library C:\Users\Max\AppData\Roaming\Copy\AgentSync.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880](2014-02-0 000007feeea50000 Library C:\Users\Max\AppData\Roaming\Copy\CloudSync.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880](2014-02-0 000007feee4e0000 Library C:\Users\Max\AppData\Roaming\Copy\imageformats\qjpeg4.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2880] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-08-05 22:47:50) 000007feed170000 Library C:\Users\Max\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2014-07-21 20:53:38) 00000000040a0000 Library c:\users\max\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprdpjlr.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2014-08-07 17:09:36) 00000000044e0000 Library C:\Users\Max\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2013-10-18 23:55:02) 000000006b270000 Library C:\Users\Max\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00) 000000006d960000 ---- EOF - GMER 2.1 ---- Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014 Ran by Max (administrator) on MAX-PC on 07-08-2014 19:42:54 Running from C:\Users\Max\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Max\AppData\Local\Akamai\netsession_win.exe (Barracuda Networks, Inc.) C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe (Dropbox, Inc.) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Akamai Technologies, Inc.) C:\Users\Max\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Users\Max\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\.DEFAULT\...\Run: [Copy] => C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1865603631-1092788096-2546801250-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Max\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001\...\Run: [SkyDrive] => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-06] (Microsoft Corporation) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001\...\Run: [Copy] => C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1865603631-1092788096-2546801250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1865603631-1092788096-2546801250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Max\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SkyDrive] => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-06] (Microsoft Corporation) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Copy] => C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-1865603631-1092788096-2546801250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1 AppInit_DLLs-x32: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll" File Not Found Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: 1aCopyShExtError -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 2aCopyShExtSynced -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 3aCopyShExtSyncing -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 4aCopyShExtSyncingProg1 -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 5aCopyShExtSyncingProg2 -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 6aCopyShExtSyncingProg3 -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 7aCopyShExtSyncingProg4 -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 8aCopyShExtSyncingProg5 -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Max\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x91CEEDA11709CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SelectedSearchEngine: Google FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\user.js FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\ich@maltegoetz.de [2014-07-09] FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\sparpilot@sparpilot.com [2014-08-07] FF Extension: DownloadHelper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: ImageHost Grabber - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} [2013-02-12] FF Extension: WEB.DE MailCheck - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\toolbar@web.de.xpi [2014-08-07] FF Extension: Google Translator for Firefox - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\translator@zoli.bod.xpi [2013-02-12] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-12] FF Extension: Tab Mix Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-02-12] FF Extension: DownThemAll! - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\i1zg6oxg.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-02-12] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-07-30] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Max\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-06] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe [68760 2009-02-04] (SiSoftware) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.) S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [110952 2012-09-27] (Yamaha Corporation) S3 BEHRINGER_2902; System32\Drivers\BUSB2902.sys [X] S3 BUSB_AUDIO_WDM; system32\drivers\busbwdm.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-07 19:42 - 2014-08-07 19:43 - 00018979 _____ () C:\Users\Max\Downloads\FRST.txt 2014-08-07 19:42 - 2014-08-07 19:42 - 02094080 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-08-07 19:42 - 2014-08-07 19:42 - 00000000 ____D () C:\FRST 2014-08-07 19:39 - 2014-08-07 19:39 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log 2014-08-07 19:39 - 2014-08-07 19:39 - 00000000 _____ () C:\Users\Max\defogger_reenable 2014-08-07 19:37 - 2014-08-07 19:37 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe 2014-08-07 18:43 - 2014-08-07 18:43 - 15395992 _____ () C:\Users\Max\Documents\Firefox 31.0 (x86 de) - 2014-08-07.pcv 2014-08-07 18:40 - 2014-08-07 18:42 - 859082644 _____ () C:\Users\Max\Documents\Thunderbird 24.6.0 (de) - 2014-08-07.pcv 2014-08-07 18:39 - 2014-08-07 18:39 - 00001038 _____ () C:\Users\Public\Desktop\MozBackup.lnk 2014-08-07 18:39 - 2014-08-07 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2014-08-07 18:39 - 2014-08-07 18:39 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-08-07 18:38 - 2014-08-07 18:38 - 01101648 _____ () C:\Users\Max\Downloads\MozBackup - CHIP-Installer.exe 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp39cf8f633f2440044789837d05ee0239 2014-08-07 18:31 - 2014-08-07 18:31 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp1f9c7d65fab276adced4fc8d5b4dc46a_ 2014-08-07 18:30 - 2014-08-07 18:30 - 00000110 ___RH () C:\Users\Max\Downloads\Stinger.opt 2014-08-07 18:20 - 2014-08-07 18:30 - 00000000 ____D () C:\Program Files\stinger 2014-08-07 18:20 - 2014-08-07 18:24 - 00000858 _____ () C:\Users\Max\Downloads\Stinger_07082014_182019.html 2014-08-07 18:19 - 2014-08-07 18:19 - 12353896 _____ (McAfee Inc) C:\Users\Max\Downloads\stinger64_CB-DL-Manager [1].exe 2014-08-07 18:19 - 2014-08-07 18:19 - 00787392 _____ ( ) C:\Users\Max\Downloads\stinger64_CB-DL-Manager.exe 2014-08-07 07:23 - 2014-08-07 19:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-07 07:23 - 2014-08-07 07:23 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-07 07:23 - 2014-08-07 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-07 07:23 - 2014-08-07 07:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-07 07:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-07 07:23 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-06 23:40 - 2014-08-06 23:40 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp6408311ee7e6ba9fca037d7cfc7c84a8 2014-08-06 23:37 - 2014-08-07 18:31 - 00000183 _____ () C:\Users\Max\Desktop\Amazon.de.url 2014-08-06 23:37 - 2014-08-06 23:37 - 00000001 _____ () C:\Users\Max\AppData\Local\llftool.4.12.agreement 2014-08-06 23:37 - 2014-08-06 23:37 - 00000000 ____D () C:\Users\Max\ChromeExtensions 2014-08-06 23:37 - 2014-08-06 23:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp1f9c7d65fab276adced4fc8d5b4dc46a 2014-08-06 23:36 - 2014-08-06 23:36 - 01035152 _____ () C:\Users\Max\Downloads\HDD-Low-Level-Format-Tool-lnstall.exe 2014-08-06 23:09 - 2014-08-06 23:09 - 00000000 ____D () C:\Users\Max\Downloads\testdisk-7.0-WIP 2014-08-06 23:08 - 2014-08-06 23:09 - 09868751 _____ () C:\Users\Max\Downloads\testdisk-7.0-WIP.win64.zip 2014-08-03 09:46 - 2014-08-03 09:46 - 00000821 _____ () C:\Users\Max\Desktop\LatencyMon.lnk 2014-08-03 09:46 - 2014-08-03 09:46 - 00000809 _____ () C:\Users\Max\Desktop\In Depth Latency Tests.lnk 2014-08-03 09:46 - 2014-08-03 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2014-08-03 09:46 - 2014-08-03 09:46 - 00000000 ____D () C:\Program Files\LatencyMon 2014-08-03 09:46 - 2013-10-21 12:26 - 00025504 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys 2014-08-01 07:15 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 07:15 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 07:15 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 07:15 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 07:15 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 07:15 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 07:15 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 07:15 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 07:15 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 07:15 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 07:15 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 07:15 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 07:15 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 07:15 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-30 08:01 - 2014-07-30 08:01 - 00007605 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg 2014-07-30 07:54 - 2014-08-07 19:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Users\Max\AppData\Local\Downloaded Installations 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Program Files (x86)\Yamaha 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information 2014-07-25 19:16 - 2014-07-25 19:16 - 00000000 ____D () C:\Users\Max\Downloads\Euthymia_Electronic_Organ 2014-07-25 19:08 - 2014-07-27 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-23 21:52 - 2014-07-23 22:25 - 00000000 ____D () C:\Users\Max\Downloads\Cubase Elements 7 2014-07-09 07:25 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 07:25 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 07:25 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 07:25 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 07:25 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 07:25 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 07:25 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 07:25 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 07:25 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 07:25 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 07:25 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 07:25 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 07:25 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 07:25 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 07:25 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 07:25 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 07:25 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 07:25 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 07:25 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 07:25 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 07:25 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 07:25 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 07:25 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 07:25 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 07:25 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 07:25 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 07:25 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 07:25 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 07:25 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 07:25 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 07:25 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 07:25 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 07:25 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 07:25 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 07:25 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 07:25 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 07:25 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 07:25 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 07:25 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 07:25 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 07:25 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 07:25 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 07:25 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 07:25 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 07:25 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 07:25 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 07:25 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 07:25 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 07:25 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 07:25 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 07:25 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 07:25 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 07:25 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 07:25 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 07:25 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 07:25 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 07:25 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 07:25 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 07:25 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 07:25 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 07:25 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 07:25 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 07:25 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 07:25 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 07:25 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-07 19:43 - 2014-08-07 19:42 - 00018979 _____ () C:\Users\Max\Downloads\FRST.txt 2014-08-07 19:42 - 2014-08-07 19:42 - 02094080 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-08-07 19:42 - 2014-08-07 19:42 - 00000000 ____D () C:\FRST 2014-08-07 19:39 - 2014-08-07 19:39 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log 2014-08-07 19:39 - 2014-08-07 19:39 - 00000000 _____ () C:\Users\Max\defogger_reenable 2014-08-07 19:39 - 2013-02-12 13:34 - 00000000 ____D () C:\Users\Max 2014-08-07 19:37 - 2014-08-07 19:37 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe 2014-08-07 19:31 - 2014-05-26 07:29 - 00005118 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Max-PC-Max Max-PC 2014-08-07 19:19 - 2014-08-07 07:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-07 19:18 - 2014-07-30 07:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-07 19:18 - 2009-07-14 06:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-07 19:18 - 2009-07-14 06:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-07 19:16 - 2009-07-14 19:58 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-08-07 19:16 - 2009-07-14 19:58 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-08-07 19:16 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-07 19:14 - 2013-02-12 13:30 - 01978306 _____ () C:\Windows\WindowsUpdate.log 2014-08-07 19:10 - 2014-03-12 08:46 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Copy 2014-08-07 19:10 - 2013-02-12 14:39 - 00000000 ___RD () C:\Users\Max\Dropbox 2014-08-07 19:10 - 2013-02-12 14:38 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Dropbox 2014-08-07 19:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-07 19:09 - 2009-07-14 06:51 - 00131116 _____ () C:\Windows\setupact.log 2014-08-07 18:53 - 2013-02-28 13:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-07 18:49 - 2013-02-12 15:07 - 00000000 ____D () C:\Users\Max\Downloads\JDownloader 2014-08-07 18:43 - 2014-08-07 18:43 - 15395992 _____ () C:\Users\Max\Documents\Firefox 31.0 (x86 de) - 2014-08-07.pcv 2014-08-07 18:42 - 2014-08-07 18:40 - 859082644 _____ () C:\Users\Max\Documents\Thunderbird 24.6.0 (de) - 2014-08-07.pcv 2014-08-07 18:39 - 2014-08-07 18:39 - 00001038 _____ () C:\Users\Public\Desktop\MozBackup.lnk 2014-08-07 18:39 - 2014-08-07 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2014-08-07 18:39 - 2014-08-07 18:39 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-08-07 18:38 - 2014-08-07 18:38 - 01101648 _____ () C:\Users\Max\Downloads\MozBackup - CHIP-Installer.exe 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList 2014-08-07 18:34 - 2014-08-07 18:34 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp39cf8f633f2440044789837d05ee0239 2014-08-07 18:31 - 2014-08-07 18:31 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp1f9c7d65fab276adced4fc8d5b4dc46a_ 2014-08-07 18:31 - 2014-08-06 23:37 - 00000183 _____ () C:\Users\Max\Desktop\Amazon.de.url 2014-08-07 18:30 - 2014-08-07 18:30 - 00000110 ___RH () C:\Users\Max\Downloads\Stinger.opt 2014-08-07 18:30 - 2014-08-07 18:20 - 00000000 ____D () C:\Program Files\stinger 2014-08-07 18:24 - 2014-08-07 18:20 - 00000858 _____ () C:\Users\Max\Downloads\Stinger_07082014_182019.html 2014-08-07 18:19 - 2014-08-07 18:19 - 12353896 _____ (McAfee Inc) C:\Users\Max\Downloads\stinger64_CB-DL-Manager [1].exe 2014-08-07 18:19 - 2014-08-07 18:19 - 00787392 _____ ( ) C:\Users\Max\Downloads\stinger64_CB-DL-Manager.exe 2014-08-07 18:13 - 2013-02-12 14:57 - 00093034 _____ () C:\Windows\PFRO.log 2014-08-07 07:23 - 2014-08-07 07:23 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-07 07:23 - 2014-08-07 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-07 07:23 - 2014-08-07 07:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-07 07:23 - 2013-02-13 13:27 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes 2014-08-07 07:23 - 2013-02-13 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-06 23:45 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-06 23:40 - 2014-08-06 23:40 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp6408311ee7e6ba9fca037d7cfc7c84a8 2014-08-06 23:37 - 2014-08-06 23:37 - 00000001 _____ () C:\Users\Max\AppData\Local\llftool.4.12.agreement 2014-08-06 23:37 - 2014-08-06 23:37 - 00000000 ____D () C:\Users\Max\ChromeExtensions 2014-08-06 23:37 - 2014-08-06 23:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Temp1f9c7d65fab276adced4fc8d5b4dc46a 2014-08-06 23:36 - 2014-08-06 23:36 - 01035152 _____ () C:\Users\Max\Downloads\HDD-Low-Level-Format-Tool-lnstall.exe 2014-08-06 23:26 - 2013-12-20 15:05 - 13144064 _____ () C:\Users\Max\AppData\Roaming\Sandra.mdb 2014-08-06 23:09 - 2014-08-06 23:09 - 00000000 ____D () C:\Users\Max\Downloads\testdisk-7.0-WIP 2014-08-06 23:09 - 2014-08-06 23:08 - 09868751 _____ () C:\Users\Max\Downloads\testdisk-7.0-WIP.win64.zip 2014-08-06 22:45 - 2014-03-06 00:18 - 00000000 ___RD () C:\Users\Max\OneDrive 2014-08-06 22:45 - 2014-03-06 00:17 - 00002198 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-08-06 07:51 - 2013-02-13 11:30 - 00000000 ____D () C:\Users\Max\AppData\Roaming\vlc 2014-08-06 07:34 - 2013-02-12 15:06 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-08-05 07:29 - 2013-02-14 16:46 - 00000000 ____D () C:\Users\Max\Downloads\Musik 2014-08-03 09:46 - 2014-08-03 09:46 - 00000821 _____ () C:\Users\Max\Desktop\LatencyMon.lnk 2014-08-03 09:46 - 2014-08-03 09:46 - 00000809 _____ () C:\Users\Max\Desktop\In Depth Latency Tests.lnk 2014-08-03 09:46 - 2014-08-03 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2014-08-03 09:46 - 2014-08-03 09:46 - 00000000 ____D () C:\Program Files\LatencyMon 2014-08-01 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-30 22:23 - 2013-02-12 14:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-30 08:01 - 2014-07-30 08:01 - 00007605 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Users\Max\AppData\Local\Downloaded Installations 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Program Files (x86)\Yamaha 2014-07-28 21:45 - 2014-07-28 21:45 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information 2014-07-27 20:20 - 2014-07-25 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-27 20:20 - 2014-05-01 07:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird.bak 2014-07-27 19:38 - 2013-03-04 13:17 - 00000000 ____D () C:\Users\Max\Downloads\ihg 2014-07-25 19:16 - 2014-07-25 19:16 - 00000000 ____D () C:\Users\Max\Downloads\Euthymia_Electronic_Organ 2014-07-24 16:18 - 2013-05-08 07:13 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-24 07:21 - 2013-04-13 15:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 07:21 - 2013-04-13 15:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-23 23:38 - 2013-04-13 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-23 22:25 - 2014-07-23 21:52 - 00000000 ____D () C:\Users\Max\Downloads\Cubase Elements 7 2014-07-23 21:13 - 2013-02-12 14:39 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-22 07:21 - 2014-07-05 15:43 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe 2014-07-09 17:45 - 2009-07-14 06:45 - 03056904 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 17:44 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 08:17 - 2013-08-14 08:20 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 08:16 - 2013-02-13 17:53 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-08 22:53 - 2013-02-28 13:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 22:53 - 2013-02-13 11:58 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 22:53 - 2013-02-13 11:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Max\AppData\Local\Temp\amazonicon_v8.exe C:\Users\Max\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Max\AppData\Local\Temp\AskSLib.dll C:\Users\Max\AppData\Local\Temp\avgnt.exe C:\Users\Max\AppData\Local\Temp\drm_dyndata_7390005.dll C:\Users\Max\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprdpjlr.dll C:\Users\Max\AppData\Local\Temp\FoxySecurity_6.2_GIGA_FF_IE_Setup.exe C:\Users\Max\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe C:\Users\Max\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe C:\Users\Max\AppData\Local\Temp\HDDLLFsetup.4.12.exe C:\Users\Max\AppData\Local\Temp\MSETUP4.EXE C:\Users\Max\AppData\Local\Temp\OfficeSetup.exe C:\Users\Max\AppData\Local\Temp\sdanircmdc.exe C:\Users\Max\AppData\Local\Temp\sdapskill.exe C:\Users\Max\AppData\Local\Temp\sdaspwn.exe C:\Users\Max\AppData\Local\Temp\uninst1.exe C:\Users\Max\AppData\Local\Temp\uninstall.exe C:\Users\Max\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 21:15 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Max at 2014-08-07 19:43:13
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Template Projects & Footage (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Production Premium (HKLM-x32\...\Adobe_36ac9dc8c9a94feb9e5886810012e78) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Production Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 French Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 German Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 International English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 Italian Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 Japanese Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 Korean Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CS4 Spanish Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Library (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
ALDI Bestellsoftware 4.13 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.13 - ORWO Net)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Brother P-touch Editor 5.0 (HKLM-x32\...\{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2210 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{42036760-2DA4-43C4-A48A-9F90A0F1FA0E}) (Version: 1.0.0060 - Brother Industries, Ltd.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (HKLM\...\{664279F5-676C-47F5-BCAE-736A4689980D}) (Version: 1.42.277.0 - Barracuda Networks, Inc.)
DigiTech RP350 ASIO (remove only) (HKLM-x32\...\DigiTech RP350 driver) (Version: - )
DigiTech X-Edit 2.3.1 (HKLM-x32\...\{2FEAEADA-1FBF-434D-8EE0-D136F5D21E75}) (Version: 2.3.1.2 - DigiTech)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05 - Electronic Arts, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2138 - Steinberg Media Technologies GmbH)
EZdrummer Lite Edition 64 bit (HKLM\...\{3EE0A883-703C-44E1-B1E2-899E541B35F6}) (Version: 1.3.1 - Toontrack)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FreeFileSync 5.12 (HKLM-x32\...\FreeFileSync) (Version: 5.12 - Zenju)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Analogue Modelling Suite Plus (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Burn routines (64-Bit) (HKLM\...\{49146694-5F5F-4B1F-AD15-6587F47A0FD7}) (Version: 9.0.0.212 - MAGIX AG)
MAGIX Burn routines (HKLM\...\{A64B679B-E591-4C74-B74A-147E0CCEDCE4}) (Version: 11.0.0.238 - MAGIX Software GmbH)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX essentialFX Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\MX.{34563DEE-79CD-4E2B-B41B-41A81B8188F0}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Libraries Common Files (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Pro 3.2 VST-Plugins (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.2 (Version: 3.2.0.91 - MAGIX AG) Hidden
MAGIX Low Latency Driver (64-Bit) (HKLM\...\{42976FDB-5756-4077-A491-095F228E99E2}) (Version: 2.10.2011.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{7A5D8D42-3688-47B3-B5BA-923B1DDFAA2B}) (Version: 20.0.0.28 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Version: 20.0.0.28 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium Update (Version: 20.0.3.45 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium Update (Version: 20.0.4.49 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium Update (Version: 20.0.5.56 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2014 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Studio 2 (HKLM-x32\...\MX.{B0A66D5D-A76E-4E9C-82F0-97211F0D0A66}) (Version: 20.0.0.10 - MAGIX AG)
MAGIX Music Studio 2 (Version: 20.0.0.10 - MAGIX AG) Hidden
Magix Music Studio 2 Update (Version: 20.0.2.16 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{CE49B99B-D42B-4F25-801A-5AA719CDA823}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vandal VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vintage Effects Suite (HKLM\...\MX.{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vintage Effects Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
MailStore Home 7.1.0.7815 (HKLM-x32\...\MailStore Home_universal1) (Version: 7.1.0.7815 - MailStore Software GmbH)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Outlook 2013 - de-de (HKLM\...\OutlookRetail - de-de) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 2.0 (HKLM-x32\...\MusicBee) (Version: 2.0 - Steven Mayall)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA PhysX (HKLM-x32\...\{506DDFBE-983F-4BC3-84B8-65F423B2D798}) (Version: 9.09.0209 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outlook Backup Assistant 7 (Testversion) (HKLM-x32\...\812A5AC8-50DA-43D8-B36E-30CDD7FCCAA1_is1) (Version: 7.0 - Priotecs IT GmbH)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
RippMe (HKLM-x32\...\{D5E3232E-BE61-45FA-96BB-700349EFF048}) (Version: 3.04 - Lindy)
Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.40.0.0 - Ascaron Entertainment)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{A7825894-390D-4BBB-9EDC-C829F8B2C271}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (x32 Version: 12.0.2.115 - MAGIX AG) Hidden
Samplitude Pro X Silver 64-Bit Addon for Samplitude Pro X Silver (HKLM-x32\...\{DA120551-51CE-3195-8F9E-93D822F61597}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Independence Free for Samplitude Pro X Silver (HKLM-x32\...\{E80D368A-7860-33B0-AD3C-4C94D8023141}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Objekt-Synthesizer for Samplitude Pro X Silver (HKLM-x32\...\{D1B56A67-E132-39BB-8250-BE265061B712}) (Version: 1.0.0.0 - MAGIX AG)
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SiSoftware Sandra Lite 2013.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.29.2013.3 - SiSoftware)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase LE 4 (HKLM-x32\...\{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}) (Version: 4.0.3.2233 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Syncrosoft Lizenz Kontrolle (HKLM-x32\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Toontrack solo 64 bit (HKLM\...\{FA9D0D8C-FDD1-45C2-8291-079FBA72D2CB}) (Version: 1.3.1 - Toontrack)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VidCoder 1.3.4 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.3.4 - RandomEngy)
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Piano (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Piano Update (Version: 1.0.2.0 - MAGIX AG) Hidden
Vita Jazz Drums (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Pop Brass (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Power Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Vintage Organ (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Vintage Organ Update (Version: 1.0.1.0 - MAGIX AG) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WiMP 2.5.0 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.5.0 - Aspiro AS)
WiMP 2.5.0 (x32 Version: 2.5.0 - Aspiro AS) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{BD21DB89-00D4-4D6D-9614-E35A5DE792C6}) (Version: 1.7.1 - Yamaha Corporation)
Yamaha Steinberg USB Driver (Version: 1.7.1 - Yamaha Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{743035C6-FA33-39DF-A741-34A81649705C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{E3DF3DC0-3869-3CF6-9638-ACE5BFCF8341}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{E444D266-68C3-4748-91FC-49A65C606776}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll No File
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1865603631-1092788096-2546801250-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-07-2014 20:22:38 Windows Update
23-07-2014 21:36:55 Windows Update
28-07-2014 19:45:41 Installiert Yamaha Steinberg USB Driver
29-07-2014 20:26:22 Windows Update
01-08-2014 05:15:15 Windows Update
02-08-2014 04:12:46 Windows Update
06-08-2014 05:18:24 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {123B44FD-9C7A-46D5-98FF-B6FF20D67870} - System32\Tasks\ShouldIRemoveIt => C:\Users\Max\AppData\Roaming\Reason\Should I Remove It\ShouldIRemoveIt.exe [2013-02-08] (Reason Software Company Inc.)
Task: {1B7A9B73-03FB-4771-9EE8-F688E2B15095} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-06-19] (Microsoft Corporation)
Task: {27F2EFCA-EF48-4CDD-A9FD-135FB62E61DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {91C0971E-5FB1-45E4-853E-11532EF256C9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Max-PC-Max Max-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-19] (Microsoft Corporation)
Task: {A830CE69-F3FF-47F5-9AFD-6D42790EF177} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-06-19] (Microsoft Corporation)
Task: {B1084A38-5AD0-4DC3-817C-07B135AC267F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-04-16 08:13 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-12 08:46 - 2014-06-12 07:29 - 08212480 _____ () C:\Users\Max\AppData\Roaming\Copy\overlay\Brt.dll
2014-02-04 16:27 - 2014-08-04 21:13 - 02092544 _____ () C:\Users\Max\AppData\Roaming\Copy\Gui.dll
2014-02-04 16:43 - 2014-08-04 21:13 - 08212480 _____ () C:\Users\Max\AppData\Roaming\Copy\Brt.dll
2014-02-04 16:29 - 2014-08-04 21:13 - 09222656 _____ () C:\Users\Max\AppData\Roaming\Copy\AgentSync.dll
2014-02-04 16:27 - 2014-08-04 21:13 - 05329920 _____ () C:\Users\Max\AppData\Roaming\Copy\CloudSync.dll
2014-08-07 19:37 - 2014-08-07 19:37 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-07 19:09 - 2014-08-07 19:09 - 00043008 _____ () c:\users\max\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprdpjlr.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Max\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-30 07:54 - 2014-07-30 07:54 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
==================== Faulty Device Manager Devices =============
Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/07/2014 07:01:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9e4
Startzeit: 01cfb25a918d3b46
Endzeit: 12964
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 75d7fbee-1e54-11e4-9b47-e0cb4e197ea5
Error: (08/07/2014 07:42:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm sidebar.exe, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 874
Startzeit: 01cfb2024d03a44d
Endzeit: 0
Anwendungspfad: C:\Program Files\Windows Sidebar\sidebar.exe
Berichts-ID: 9111a705-1df5-11e4-8aca-e0cb4e197ea5
Error: (08/06/2014 10:48:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5f0
Startzeit: 01cfb1b750b2f796
Endzeit: 18237
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: fa621d46-1daa-11e4-bce2-e0cb4e197ea5
Error: (08/06/2014 10:37:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 978
Startzeit: 01cfb1b5e459c325
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 6bf39194-1da9-11e4-8238-e0cb4e197ea5
Error: (08/04/2014 10:35:11 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (08/03/2014 10:03:42 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (08/02/2014 03:28:10 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (08/01/2014 05:29:07 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (07/31/2014 08:27:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (07/30/2014 08:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
System errors:
=============
Error: (08/07/2014 07:10:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (08/07/2014 06:46:38 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (08/07/2014 06:34:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Hub Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/07/2014 06:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/07/2014 06:20:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/07/2014 06:19:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (08/07/2014 06:15:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (08/07/2014 06:11:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (08/07/2014 07:45:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (08/07/2014 07:41:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (08/07/2014 07:01:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175149e401cfb25a918d3b4612964C:\Windows\Explorer.EXE75d7fbee-1e54-11e4-9b47-e0cb4e197ea5
Error: (08/07/2014 07:42:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: sidebar.exe6.1.7601.1751487401cfb2024d03a44d0C:\Program Files\Windows Sidebar\sidebar.exe9111a705-1df5-11e4-8aca-e0cb4e197ea5
Error: (08/06/2014 10:48:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.175145f001cfb1b750b2f79618237C:\Windows\explorer.exefa621d46-1daa-11e4-bce2-e0cb4e197ea5
Error: (08/06/2014 10:37:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1751497801cfb1b5e459c3250C:\Windows\Explorer.EXE6bf39194-1da9-11e4-8238-e0cb4e197ea5
Error: (08/04/2014 10:35:11 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (08/03/2014 10:03:42 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (08/02/2014 03:28:10 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (08/01/2014 05:29:07 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (07/31/2014 08:27:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
Error: (07/30/2014 08:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifestc:\program files (x86)\outlook backup assistant\AddIn\adxloader.dll.Manifest2
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 6135.11 MB
Available physical RAM: 3798.9 MB
Total Pagefile: 12268.41 MB
Available Pagefile: 9775.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:238.47 GB) (Free:70.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:465.62 GB) NTFS
Drive e: (Backup) (Fixed) (Total:488.28 GB) (Free:254.52 GB) NTFS
Drive f: (Filme) (Fixed) (Total:465.75 GB) (Free:74.64 GB) NTFS
Drive g: (Stuff) (Fixed) (Total:443.23 GB) (Free:122.7 GB) NTFS
Drive h: (Storage) (Fixed) (Total:931.51 GB) (Free:302.5 GB) NTFS
Drive i: (YE968B0) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 28A1826A)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E1331ECC)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E1331ECD)
Partition 1: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1D86F4CE)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
So, das sollte es gewesen sein. Vielen, vielen Dank für die Hilfe! Grüße und einen schönen Abend, Max |
| Themen zu Windows 7 auf einmal langsam, Festplatte umformatiert, viele Malwarebytes Funde |
| akamai, antivir, antivirus, avira, booten, branding, browser, canon, cubase, desktop, festplatte, firefox, firefox 31.0, flash player, helper, home, homepage, hängen, langsam, langsamkeit, mozilla, newtab, outlook 2013, problem, programm, registry, scan, software, svchost.exe, system, updates, windows |
Baum-Darstellung