| |  Anhang Mahn E-Mail geöffnet und mit AVira gelöscht
 Hallo zusammen,
ich habe heute Abend versehentlich den Anhang einer Mahn E-Mail geöffnet (Pay24... AG) - Mein AntiVirus Programm Avira hat die Datei gleich geblockt und in die Quarantäne eingestellt. Daraufhin habe ich in Avira die Quarantäne gelöscht.
Nun habe ich trotzdem noch bedenken, ob der Trojaner noch drauf ist. Mein Antivirus Programm zeigt vollständige Sicherheit an und sonst habe ich auch noch keine Veränderungen bemerkt.
Meine Frage ist, muss ich nun noch weitere Schritte einleiten?
Ich hoffe ihr könnt mir helfen! Zitat:
Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 24. Februar 2016 22:10
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 8.1 Pro N
Windowsversion : (plain) [6.3.9600]
Boot Modus : Normal gebootet
Benutzername : Windows8
Computername : WIN8
Versionsinformationen:
build.dat : 15.0.15.141 93076 Bytes 2/17/2016 08:41:00
AVSCAN.EXE : 15.0.15.133 1202864 Bytes 2/18/2016 21:18:15
AVSCANRC.DLL : 15.0.15.137 66208 Bytes 2/18/2016 21:18:16
LUKE.DLL : 15.0.15.133 69248 Bytes 2/18/2016 21:18:55
AVSCPLR.DLL : 15.0.15.133 106352 Bytes 2/18/2016 21:18:17
REPAIR.DLL : 15.0.15.133 493608 Bytes 2/18/2016 21:18:11
repair.rdf : 1.0.14.76 1534339 Bytes 2/24/2016 19:41:55
AVREG.DLL : 15.0.15.133 345344 Bytes 2/18/2016 21:18:10
avlode.dll : 15.0.15.133 700712 Bytes 2/18/2016 21:18:06
avlode.rdf : 14.0.5.24 89481 Bytes 2/10/2016 17:44:29
XBV00005.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:33
XBV00006.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00007.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00008.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00009.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00010.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00011.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00012.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00013.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00014.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00015.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00016.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00017.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00018.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00019.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00020.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00021.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00022.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00023.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00024.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00025.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00026.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:34
XBV00027.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00028.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00029.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00030.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00031.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00032.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00033.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00034.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00035.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00036.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00037.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00038.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00039.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00040.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00041.VDF : 8.12.37.66 2048 Bytes 12/17/2015 10:17:35
XBV00237.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:21
XBV00238.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00239.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00240.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00241.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00242.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00243.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00244.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:22
XBV00245.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00246.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00247.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00248.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00249.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00250.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00251.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00252.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00253.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00254.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00255.VDF : 8.12.52.208 2048 Bytes 2/2/2016 18:53:23
XBV00000.VDF : 7.11.70.0 66736640 Bytes 4/4/2013 18:58:25
XBV00001.VDF : 7.11.237.0 48041984 Bytes 6/2/2015 10:16:56
XBV00002.VDF : 7.12.37.36 16452096 Bytes 12/17/2015 10:17:33
XBV00003.VDF : 8.12.44.142 3948032 Bytes 1/9/2016 09:47:37
XBV00004.VDF : 8.12.52.208 4036096 Bytes 2/2/2016 18:52:56
XBV00042.VDF : 8.12.52.214 2048 Bytes 2/2/2016 18:52:57
XBV00043.VDF : 8.12.52.226 43520 Bytes 2/2/2016 18:52:57
XBV00044.VDF : 8.12.52.232 2048 Bytes 2/2/2016 18:52:57
XBV00045.VDF : 8.12.52.238 15360 Bytes 2/2/2016 18:52:57
XBV00046.VDF : 8.12.52.240 2048 Bytes 2/2/2016 18:52:57
XBV00047.VDF : 8.12.52.242 18432 Bytes 2/2/2016 18:52:58
XBV00048.VDF : 8.12.52.252 36352 Bytes 2/3/2016 18:52:58
XBV00049.VDF : 8.12.53.2 12800 Bytes 2/3/2016 18:52:58
XBV00050.VDF : 8.12.53.8 16896 Bytes 2/3/2016 18:52:58
XBV00051.VDF : 8.12.53.30 43008 Bytes 2/3/2016 18:52:58
XBV00052.VDF : 8.12.53.38 2048 Bytes 2/3/2016 18:52:58
XBV00053.VDF : 8.12.53.46 13824 Bytes 2/3/2016 18:52:58
XBV00054.VDF : 8.12.53.54 7680 Bytes 2/3/2016 18:52:59
XBV00055.VDF : 8.12.53.62 7680 Bytes 2/3/2016 18:52:59
XBV00056.VDF : 8.12.53.70 10240 Bytes 2/3/2016 18:52:59
XBV00057.VDF : 8.12.53.86 28672 Bytes 2/4/2016 18:52:59
XBV00058.VDF : 8.12.53.94 21504 Bytes 2/4/2016 18:52:59
XBV00059.VDF : 8.12.53.102 10240 Bytes 2/4/2016 18:52:59
XBV00060.VDF : 8.12.53.104 5632 Bytes 2/4/2016 18:52:59
XBV00061.VDF : 8.12.53.108 34304 Bytes 2/4/2016 18:53:00
XBV00062.VDF : 8.12.53.110 11264 Bytes 2/4/2016 18:53:00
XBV00063.VDF : 8.12.53.112 10240 Bytes 2/4/2016 18:53:00
XBV00064.VDF : 8.12.53.114 11776 Bytes 2/4/2016 18:53:00
XBV00065.VDF : 8.12.53.116 2048 Bytes 2/4/2016 18:53:01
XBV00066.VDF : 8.12.53.118 10240 Bytes 2/4/2016 18:53:01
XBV00067.VDF : 8.12.53.120 7168 Bytes 2/4/2016 18:53:01
XBV00068.VDF : 8.12.53.128 31744 Bytes 2/5/2016 18:53:01
XBV00069.VDF : 8.12.53.132 22528 Bytes 2/5/2016 18:53:01
XBV00070.VDF : 8.12.53.156 16384 Bytes 2/5/2016 18:53:01
XBV00071.VDF : 8.12.53.174 10240 Bytes 2/5/2016 18:53:01
XBV00072.VDF : 8.12.53.186 40448 Bytes 2/5/2016 18:53:02
XBV00073.VDF : 8.12.53.196 8704 Bytes 2/5/2016 18:53:02
XBV00074.VDF : 8.12.53.206 8192 Bytes 2/5/2016 18:53:02
XBV00075.VDF : 8.12.53.216 7680 Bytes 2/5/2016 18:53:02
XBV00076.VDF : 8.12.53.218 9216 Bytes 2/5/2016 18:53:02
XBV00077.VDF : 8.12.53.220 7680 Bytes 2/5/2016 18:53:02
XBV00078.VDF : 8.12.53.224 61440 Bytes 2/6/2016 18:53:02
XBV00079.VDF : 8.12.53.234 9216 Bytes 2/6/2016 18:53:03
XBV00080.VDF : 8.12.53.244 2048 Bytes 2/6/2016 18:53:03
XBV00081.VDF : 8.12.53.254 16896 Bytes 2/6/2016 18:53:03
XBV00082.VDF : 8.12.54.18 130560 Bytes 2/7/2016 18:53:03
XBV00083.VDF : 8.12.54.28 2048 Bytes 2/7/2016 18:53:03
XBV00084.VDF : 8.12.54.46 20992 Bytes 2/7/2016 18:53:03
XBV00085.VDF : 8.12.54.78 85504 Bytes 2/8/2016 18:53:04
XBV00086.VDF : 8.12.54.98 2048 Bytes 2/8/2016 18:53:04
XBV00087.VDF : 8.12.54.112 2048 Bytes 2/8/2016 18:53:04
XBV00088.VDF : 8.12.54.126 17408 Bytes 2/8/2016 18:53:04
XBV00089.VDF : 8.12.54.138 8704 Bytes 2/8/2016 18:53:04
XBV00090.VDF : 8.12.54.158 18432 Bytes 2/8/2016 18:53:04
XBV00091.VDF : 8.12.54.168 30720 Bytes 2/8/2016 18:53:05
XBV00092.VDF : 8.12.54.170 7168 Bytes 2/8/2016 18:53:05
XBV00093.VDF : 8.12.54.172 6656 Bytes 2/8/2016 18:53:05
XBV00094.VDF : 8.12.54.174 9216 Bytes 2/8/2016 18:53:05
XBV00095.VDF : 8.12.54.176 9216 Bytes 2/8/2016 18:53:05
XBV00096.VDF : 8.12.54.178 7680 Bytes 2/8/2016 18:53:05
XBV00097.VDF : 8.12.54.180 5632 Bytes 2/8/2016 18:53:06
XBV00098.VDF : 8.12.54.184 24064 Bytes 2/9/2016 18:53:06
XBV00099.VDF : 8.12.54.186 7168 Bytes 2/9/2016 18:53:06
XBV00100.VDF : 8.12.54.188 24064 Bytes 2/9/2016 18:53:06
XBV00101.VDF : 8.12.54.190 2048 Bytes 2/9/2016 18:53:06
XBV00102.VDF : 8.12.54.194 43520 Bytes 2/9/2016 18:53:06
XBV00103.VDF : 8.12.54.202 9216 Bytes 2/9/2016 20:52:52
XBV00104.VDF : 8.12.54.208 6144 Bytes 2/9/2016 20:52:52
XBV00105.VDF : 8.12.54.210 2048 Bytes 2/9/2016 20:52:52
XBV00106.VDF : 8.12.54.216 10752 Bytes 2/9/2016 17:44:29
XBV00107.VDF : 8.12.54.222 6144 Bytes 2/9/2016 17:44:30
XBV00108.VDF : 8.12.54.224 20480 Bytes 2/9/2016 17:44:30
XBV00109.VDF : 8.12.54.226 36864 Bytes 2/10/2016 17:44:30
XBV00110.VDF : 8.12.54.228 24064 Bytes 2/10/2016 17:44:30
XBV00111.VDF : 8.12.54.236 7680 Bytes 2/10/2016 17:44:30
XBV00112.VDF : 8.12.55.16 75776 Bytes 2/10/2016 17:44:30
XBV00113.VDF : 8.12.55.86 57856 Bytes 2/10/2016 09:10:41
XBV00114.VDF : 8.12.55.118 9728 Bytes 2/10/2016 09:10:41
XBV00115.VDF : 8.12.55.122 9728 Bytes 2/10/2016 09:10:42
XBV00116.VDF : 8.12.55.152 11776 Bytes 2/10/2016 09:10:42
XBV00117.VDF : 8.12.55.182 7168 Bytes 2/10/2016 09:10:42
XBV00118.VDF : 8.12.55.186 7680 Bytes 2/10/2016 09:10:42
XBV00119.VDF : 8.12.55.188 2048 Bytes 2/10/2016 09:10:42
XBV00120.VDF : 8.12.55.212 45056 Bytes 2/11/2016 19:16:00
XBV00121.VDF : 8.12.55.246 2048 Bytes 2/11/2016 19:16:00
XBV00122.VDF : 8.12.56.10 31744 Bytes 2/11/2016 19:16:01
XBV00123.VDF : 8.12.56.74 52224 Bytes 2/11/2016 19:16:01
XBV00124.VDF : 8.12.56.94 2048 Bytes 2/11/2016 19:16:01
XBV00125.VDF : 8.12.56.150 22016 Bytes 2/11/2016 19:16:01
XBV00126.VDF : 8.12.56.190 46592 Bytes 2/12/2016 19:16:01
XBV00127.VDF : 8.12.56.210 2048 Bytes 2/12/2016 19:16:01
XBV00128.VDF : 8.12.56.230 27136 Bytes 2/12/2016 19:16:01
XBV00129.VDF : 8.12.56.248 2048 Bytes 2/12/2016 19:16:01
XBV00130.VDF : 8.12.57.10 13312 Bytes 2/12/2016 19:16:02
XBV00131.VDF : 8.12.57.12 12288 Bytes 2/12/2016 19:16:02
XBV00132.VDF : 8.12.57.32 49152 Bytes 2/12/2016 19:16:02
XBV00133.VDF : 8.12.57.48 2048 Bytes 2/12/2016 19:16:02
XBV00134.VDF : 8.12.57.66 27648 Bytes 2/12/2016 09:14:31
XBV00135.VDF : 8.12.57.82 14848 Bytes 2/12/2016 09:14:31
XBV00136.VDF : 8.12.57.98 7168 Bytes 2/12/2016 09:14:32
XBV00137.VDF : 8.12.57.130 56832 Bytes 2/13/2016 09:14:32
XBV00138.VDF : 8.12.57.148 43008 Bytes 2/13/2016 09:14:32
XBV00139.VDF : 8.12.57.178 65536 Bytes 2/14/2016 09:14:32
XBV00140.VDF : 8.12.57.194 8192 Bytes 2/14/2016 09:14:32
XBV00141.VDF : 8.12.57.210 10752 Bytes 2/14/2016 18:45:26
XBV00142.VDF : 8.12.57.224 8192 Bytes 2/14/2016 18:45:26
XBV00143.VDF : 8.12.57.226 9216 Bytes 2/14/2016 18:45:26
XBV00144.VDF : 8.12.57.240 2048 Bytes 2/14/2016 18:45:26
XBV00145.VDF : 8.12.57.254 58880 Bytes 2/15/2016 18:45:27
XBV00146.VDF : 8.12.58.12 2048 Bytes 2/15/2016 18:45:27
XBV00147.VDF : 8.12.58.26 14336 Bytes 2/15/2016 18:45:27
XBV00148.VDF : 8.12.58.40 2048 Bytes 2/15/2016 18:45:27
XBV00149.VDF : 8.12.58.54 11776 Bytes 2/15/2016 18:45:27
XBV00150.VDF : 8.12.58.58 48128 Bytes 2/15/2016 19:46:21
XBV00151.VDF : 8.12.58.74 2048 Bytes 2/15/2016 19:46:21
XBV00152.VDF : 8.12.58.86 19968 Bytes 2/15/2016 19:46:21
XBV00153.VDF : 8.12.58.98 17920 Bytes 2/15/2016 19:46:22
XBV00154.VDF : 8.12.58.114 14848 Bytes 2/15/2016 19:46:22
XBV00155.VDF : 8.12.58.118 2048 Bytes 2/16/2016 19:46:22
XBV00156.VDF : 8.12.58.132 43520 Bytes 2/16/2016 19:46:22
XBV00157.VDF : 8.12.58.144 9728 Bytes 2/16/2016 19:46:22
XBV00158.VDF : 8.12.58.156 11264 Bytes 2/16/2016 19:46:22
XBV00159.VDF : 8.12.58.168 9728 Bytes 2/16/2016 19:46:22
XBV00160.VDF : 8.12.58.194 65536 Bytes 2/16/2016 19:46:23
XBV00161.VDF : 8.12.58.204 13824 Bytes 2/16/2016 19:46:23
XBV00162.VDF : 8.12.58.216 12288 Bytes 2/16/2016 19:46:23
XBV00163.VDF : 8.12.58.226 9216 Bytes 2/16/2016 19:46:23
XBV00164.VDF : 8.12.58.228 10752 Bytes 2/16/2016 19:46:23
XBV00165.VDF : 8.12.58.230 7680 Bytes 2/16/2016 19:46:23
XBV00166.VDF : 8.12.58.234 31232 Bytes 2/17/2016 19:46:23
XBV00167.VDF : 8.12.58.244 25600 Bytes 2/17/2016 19:46:24
XBV00168.VDF : 8.12.58.254 10752 Bytes 2/17/2016 19:46:24
XBV00169.VDF : 8.12.59.8 11776 Bytes 2/17/2016 19:46:24
XBV00170.VDF : 8.12.59.14 2048 Bytes 2/17/2016 19:46:24
XBV00171.VDF : 8.12.59.24 19456 Bytes 2/17/2016 19:46:24
XBV00172.VDF : 8.12.59.26 18944 Bytes 2/17/2016 19:46:24
XBV00173.VDF : 8.12.59.28 2560 Bytes 2/17/2016 19:46:24
XBV00174.VDF : 8.12.59.30 9728 Bytes 2/17/2016 19:46:24
XBV00175.VDF : 8.12.59.32 2048 Bytes 2/17/2016 19:46:25
XBV00176.VDF : 8.12.59.34 14336 Bytes 2/17/2016 21:46:19
XBV00177.VDF : 8.12.59.36 11264 Bytes 2/17/2016 21:46:19
XBV00178.VDF : 8.12.59.40 44032 Bytes 2/18/2016 21:19:06
XBV00179.VDF : 8.12.59.42 11264 Bytes 2/18/2016 21:19:07
XBV00180.VDF : 8.12.59.72 25088 Bytes 2/18/2016 21:19:07
XBV00181.VDF : 8.12.59.80 17920 Bytes 2/18/2016 21:19:08
XBV00182.VDF : 8.12.59.94 26624 Bytes 2/18/2016 21:19:08
XBV00183.VDF : 8.12.59.104 17920 Bytes 2/18/2016 18:38:06
XBV00184.VDF : 8.12.59.118 31744 Bytes 2/18/2016 18:38:06
XBV00185.VDF : 8.12.59.140 45056 Bytes 2/19/2016 18:38:06
XBV00186.VDF : 8.12.59.148 32768 Bytes 2/19/2016 18:38:06
XBV00187.VDF : 8.12.59.160 8192 Bytes 2/19/2016 18:38:06
XBV00188.VDF : 8.12.59.168 12288 Bytes 2/19/2016 18:38:06
XBV00189.VDF : 8.12.59.176 2048 Bytes 2/19/2016 18:38:06
XBV00190.VDF : 8.12.59.184 24576 Bytes 2/19/2016 18:38:07
XBV00191.VDF : 8.12.59.190 2048 Bytes 2/19/2016 18:38:07
XBV00192.VDF : 8.12.59.196 16384 Bytes 2/19/2016 18:38:07
XBV00193.VDF : 8.12.59.202 11264 Bytes 2/19/2016 18:38:07
XBV00194.VDF : 8.12.59.208 12288 Bytes 2/19/2016 21:30:09
XBV00195.VDF : 8.12.59.212 10240 Bytes 2/19/2016 21:30:09
XBV00196.VDF : 8.12.59.216 9728 Bytes 2/19/2016 21:30:09
XBV00197.VDF : 8.12.59.220 17408 Bytes 2/20/2016 21:30:10
XBV00198.VDF : 8.12.59.224 2048 Bytes 2/20/2016 21:30:10
XBV00199.VDF : 8.12.59.228 50688 Bytes 2/20/2016 21:30:10
XBV00200.VDF : 8.12.60.18 18432 Bytes 2/20/2016 21:30:10
XBV00201.VDF : 8.12.60.38 21504 Bytes 2/20/2016 21:30:10
XBV00202.VDF : 8.12.60.58 9728 Bytes 2/20/2016 21:30:10
XBV00203.VDF : 8.12.60.78 72704 Bytes 2/21/2016 20:21:20
XBV00204.VDF : 8.12.60.116 7680 Bytes 2/21/2016 20:21:20
XBV00205.VDF : 8.12.60.134 10752 Bytes 2/21/2016 20:21:20
XBV00206.VDF : 8.12.60.156 12288 Bytes 2/21/2016 20:21:20
XBV00207.VDF : 8.12.60.174 49664 Bytes 2/22/2016 20:21:20
XBV00208.VDF : 8.12.60.194 17408 Bytes 2/22/2016 20:21:20
XBV00209.VDF : 8.12.60.196 8704 Bytes 2/22/2016 20:21:20
XBV00210.VDF : 8.12.60.198 6656 Bytes 2/22/2016 20:21:20
XBV00211.VDF : 8.12.60.200 14848 Bytes 2/22/2016 20:21:20
XBV00212.VDF : 8.12.60.202 11776 Bytes 2/22/2016 20:21:20
XBV00213.VDF : 8.12.60.220 10240 Bytes 2/22/2016 20:21:21
XBV00214.VDF : 8.12.60.240 12288 Bytes 2/22/2016 20:21:21
XBV00215.VDF : 8.12.61.2 2048 Bytes 2/22/2016 20:21:21
XBV00216.VDF : 8.12.61.20 15872 Bytes 2/22/2016 20:21:21
XBV00217.VDF : 8.12.61.38 2048 Bytes 2/22/2016 20:21:21
XBV00218.VDF : 8.12.61.56 14336 Bytes 2/22/2016 20:21:21
XBV00219.VDF : 8.12.61.58 13312 Bytes 2/22/2016 20:21:21
XBV00220.VDF : 8.12.61.74 2048 Bytes 2/23/2016 20:21:21
XBV00221.VDF : 8.12.61.78 52736 Bytes 2/23/2016 20:21:21
XBV00222.VDF : 8.12.61.80 18432 Bytes 2/23/2016 20:21:21
XBV00223.VDF : 8.12.61.82 9216 Bytes 2/23/2016 20:21:21
XBV00224.VDF : 8.12.61.84 8704 Bytes 2/23/2016 20:21:21
XBV00225.VDF : 8.12.61.86 10240 Bytes 2/23/2016 20:21:21
XBV00226.VDF : 8.12.61.100 33792 Bytes 2/23/2016 20:21:21
XBV00227.VDF : 8.12.61.118 25600 Bytes 2/23/2016 22:21:21
XBV00228.VDF : 8.12.61.146 17920 Bytes 2/23/2016 19:41:54
XBV00229.VDF : 8.12.61.166 34304 Bytes 2/24/2016 19:41:54
XBV00230.VDF : 8.12.61.182 17920 Bytes 2/24/2016 19:41:54
XBV00231.VDF : 8.12.61.198 15872 Bytes 2/24/2016 19:41:54
XBV00232.VDF : 8.12.61.214 8192 Bytes 2/24/2016 19:41:54
XBV00233.VDF : 8.12.61.216 8704 Bytes 2/24/2016 19:41:54
XBV00234.VDF : 8.12.61.218 8704 Bytes 2/24/2016 19:41:54
XBV00235.VDF : 8.12.61.226 13312 Bytes 2/24/2016 19:41:54
XBV00236.VDF : 8.12.61.228 19968 Bytes 2/24/2016 19:41:54
LOCAL000.VDF : 8.12.61.228 143943168 Bytes 2/24/2016 19:42:37
Engineversion : 8.3.36.24
AEBB.DLL : 8.1.3.0 59296 Bytes 11/21/2015 15:54:19
AECORE.DLL : 8.3.9.0 249920 Bytes 11/12/2015 20:00:45
AEDROID.DLL : 8.4.3.348 1800104 Bytes 11/6/2015 12:13:30
AEEMU.DLL : 8.1.3.6 404328 Bytes 11/21/2015 15:54:19
AEEXP.DLL : 8.4.2.144 289920 Bytes 12/23/2015 08:22:04
AEGEN.DLL : 8.1.8.28 493472 Bytes 2/23/2016 20:21:19
AEHELP.DLL : 8.3.2.10 284584 Bytes 2/15/2016 18:45:26
AEHEUR.DLL : 8.1.4.2180 10115952 Bytes 2/19/2016 18:38:05
AEMOBILE.DLL : 8.1.8.10 301936 Bytes 11/30/2015 17:10:37
AEOFFICE.DLL : 8.3.1.98 440232 Bytes 2/23/2016 20:21:19
AEPACK.DLL : 8.4.2.8 804776 Bytes 2/23/2016 20:21:20
AERDL.DLL : 8.2.1.38 813928 Bytes 11/6/2015 12:13:29
AESBX.DLL : 8.2.21.2 1629032 Bytes 11/6/2015 12:13:30
AESCN.DLL : 8.3.4.2 142184 Bytes 1/22/2016 12:52:47
AESCRIPT.DLL : 8.3.0.34 559016 Bytes 2/23/2016 20:21:20
AEVDF.DLL : 8.3.3.2 141216 Bytes 2/9/2016 18:52:51
AVWINLL.DLL : 15.0.15.133 28632 Bytes 2/18/2016 21:17:57
AVPREF.DLL : 15.0.15.133 55864 Bytes 2/18/2016 21:18:09
AVREP.DLL : 15.0.15.133 224352 Bytes 2/18/2016 21:18:10
AVARKT.DLL : 15.0.15.133 231032 Bytes 2/18/2016 21:17:59
AVEVTLOG.DLL : 15.0.15.133 201600 Bytes 2/18/2016 21:18:02
SQLITE3.DLL : 15.0.15.133 461672 Bytes 2/18/2016 21:19:03
AVSMTP.DLL : 15.0.15.133 81152 Bytes 2/18/2016 21:18:18
NETNT.DLL : 15.0.15.133 18792 Bytes 2/18/2016 21:18:56
CommonImageRc.dll: 15.0.15.133 4308784 Bytes 2/18/2016 21:17:57
CommonTextRc.dll: 15.0.15.133 69816 Bytes 2/18/2016 21:17:57
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Prüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\Antivirus\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Mittwoch, 24. Februar 2016 22:10
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C '
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Versteckter Treiber
[HINWEIS] Eine Speicherveränderung wurde entdeckt, die möglicherweise zur versteckten Dateizugriffen missbraucht werden könnte.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '194' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxCUIService.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'schedul2.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'schedhlp.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'afcdpsrv.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'avp.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'BEWConfigSrv.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CAutoUpdateSvc.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CPNRSvc.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDFProFiltSrvPP.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'syncagentsrv.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'avpui.exe' - '149' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '253' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'GWX.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'iCloudServices.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApplePhotoStreams.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'APSDaemon.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISUSPM.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Steam.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'BingSvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '168' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'steamwebhelper.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'SteamService.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '193' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrueImageMonitor.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'TibMounterMonitor.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'AllShareAgent.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdfPro5Hook.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'pptd40nt.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrCtrlCntr.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrStMonW.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrYNSvc.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrCcUxSys.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'wgaremover.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'BusinessEverywhere.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'SMSNotifier.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '141' Modul(e) wurden durchsucht
Durchsuche Prozess 'AllShareDMS.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'TiWorker.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '36' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '4512' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
Ende des Suchlaufs: Mittwoch, 24. Februar 2016 22:41
Benötigte Zeit: 30:14 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
41876 Verzeichnisse wurden überprüft
716940 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
716940 Dateien ohne Befall
4877 Archive wurden durchsucht
0 Warnungen
1 Hinweise
1133769 Objekte wurden beim Rootkitscan durchsucht
1 Versteckte Objekte wurden gefunden
| Zitat:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by Windows8 (administrator) on WIN8 (24-02-2016 22:48:38)
Running from C:\Users\Windows8\Downloads
Loaded Profiles: Windows8 (Available Profiles: Windows8)
Platform: Windows 8.1 Pro N (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
() C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BEWConfigSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(© 2015 Microsoft Corporation) C:\Users\Windows8\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Dropbox, Inc.) C:\Users\Windows8\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\WGA Remover\wgaremover.exe
() C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BusinessEverywhere.exe
() C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\SMSNotifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-27] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-01-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WGA Remover] => C:\Program Files (x86)\WGA Remover\wgaremover.exe [600064 2014-11-18] ()
HKLM-x32\...\Run: [Start_BusinessEverywhere_{e34778cb-4457-4646-b83d-76c8241d15b9}] => C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BusinessEverywhere.exe [4475272 2014-10-01] ()
HKLM-x32\...\Run: [Start_Update_{e34778cb-4457-4646-b83d-76c8241d15b9}] => C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\UpdteApp.exe [1034616 2014-10-01] ()
HKLM-x32\...\Run: [Start_SMSNotifier_{e34778cb-4457-4646-b83d-76c8241d15b9}] => C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\SMSNotifier.exe [2278264 2014-10-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [Dropbox Update] => C:\Users\Windows8\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [BingSvc] => C:\Users\Windows8\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\MountPoints2: {521257f8-c988-11e5-9c34-f8a96376eec0} - "D:\Setup.exe"
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\MountPoints2: {576681bc-82b5-11e4-9c10-40f02fa738de} - "D:\Startme.exe"
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\MountPoints2: {c8e8a88b-7cdd-11e5-9c2e-f8a96376eec0} - "D:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis)
Startup: C:\Users\Windows8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{971b4b96-399a-11e4-9bf7-806e6f6e6963}\bootwiz\asrm.bin
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
Tcpip\..\Interfaces\{8836207B-05D0-4B49-8A28-38E6DF82F6C9}: [DhcpNameServer] 82.212.62.62 78.42.43.62
Tcpip\..\Interfaces\{AB7A6293-F71B-436B-BF47-6E8E13E8F3C6}: [DhcpNameServer] 82.212.62.62 78.42.43.62
Tcpip\..\Interfaces\{CDD383E2-13BA-46BC-8C4F-8326703DF5E4}: [NameServer] 192.168.10.110 194.51.3.56
Tcpip\..\Interfaces\{F7FB636C-7911-47D0-B090-2C829CCA2BE2}: [NameServer] 192.168.10.110 194.51.3.56
Internet Explorer:
==================
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-27] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Windows8\AppData\Roaming\Mozilla\Firefox\Profiles\dsh2vyw2.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Windows8\AppData\Roaming\Mozilla\Firefox\Profiles\dsh2vyw2.default\user.js [2014-09-23]
FF Extension: Avira Browser Safety - C:\Users\Windows8\AppData\Roaming\Mozilla\Firefox\Profiles\dsh2vyw2.default\Extensions\abs@avira.com [2016-02-22]
FF Extension: Bing Search - C:\Users\Windows8\AppData\Roaming\Mozilla\Firefox\Profiles\dsh2vyw2.default\Extensions\bingsearch.full@microsoft.com [2015-08-30] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-10-09] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-21] (Kaspersky Lab ZAO)
R2 BEWConfigSrv; C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BEWConfigSrv.exe [226688 2014-10-01] () [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [124800 2014-10-01] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [379392 2014-10-01] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-28] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-10-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-29] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-20] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-27] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2014-09-11] (Acronis)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 22:48 - 2016-02-24 22:48 - 00023931 _____ C:\Users\Windows8\Downloads\FRST.txt
2016-02-24 22:48 - 2016-02-24 22:48 - 00000000 ____D C:\FRST
2016-02-24 22:46 - 2016-02-24 22:46 - 02371072 _____ (Farbar) C:\Users\Windows8\Downloads\FRST64.exe
2016-02-24 18:34 - 2016-02-24 18:34 - 06567264 _____ (Tim Kosse) C:\Users\Windows8\Downloads\FileZilla_3.15.0.2_win64-setup.exe
2016-02-22 11:00 - 2016-02-22 11:00 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-19 20:01 - 2016-02-19 20:01 - 00336169 _____ C:\Users\Windows8\Downloads\PARIS_GARE_LYON-LYON-SAINT_EXUPER_22-02-16_SCHWEIZ_NELLY_TOYCUZ_b33xZVSSNEMBRm3yZ3nR.pdf
2016-02-19 19:23 - 2016-02-23 21:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-15 19:16 - 2016-02-15 19:16 - 00018944 ___SH C:\Users\Windows8\Desktop\Thumbs.db
2016-02-15 19:10 - 2016-02-15 19:10 - 00360996 _____ C:\Users\Windows8\Desktop\LYON-SAINT_EXUPER-PARIS_GARE_LYON_20-02-16_SCHWEIZ_NELLY_TKLNHW_NsusK7zjJJJqUk1fq1aX.pdf
2016-02-12 20:13 - 2016-02-12 20:13 - 00000000 ____D C:\Users\Windows8\AppData\Local\DanuSoft
2016-02-12 20:11 - 2016-02-12 20:11 - 01470472 _____ C:\Users\Windows8\Downloads\WiFi HotSpot Creator - CHIP-Installer.exe
2016-02-12 11:46 - 2016-02-12 11:55 - 67250524 _____ C:\Users\Windows8\Downloads\JaneFonda_2015W.mp4
2016-02-12 11:31 - 2016-02-12 11:45 - 154647555 _____ C:\Users\Windows8\Downloads\YanisVaroufakis_2015G-480p.mp4
2016-02-12 11:14 - 2016-02-24 22:46 - 00175616 ___SH C:\Users\Windows8\Downloads\Thumbs.db
2016-02-12 11:14 - 2016-02-12 11:30 - 130035482 _____ C:\Users\Windows8\Downloads\OleScheeren_2015G-480p.mp4
2016-02-12 11:02 - 2016-02-12 11:08 - 90722285 _____ C:\Users\Windows8\Downloads\JacquelineNovogratz_2005G-480p-de.mp4
2016-02-12 10:51 - 2016-02-12 11:00 - 120101984 _____ C:\Users\Windows8\Downloads\NaviRadjou_2014G-480p-en.mp4
2016-02-11 17:09 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-11 17:09 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-11 17:09 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 17:09 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-11 17:09 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 17:09 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 17:09 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-11 17:09 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-11 17:09 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-11 17:08 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 17:08 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-11 17:08 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-11 17:08 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-11 17:08 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-11 17:08 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-11 17:07 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 17:04 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 17:03 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 17:03 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-11 17:03 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-11 17:03 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 17:03 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 17:03 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-11 17:03 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-11 17:03 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-11 17:03 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-11 17:03 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-11 17:03 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-11 17:02 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 17:02 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 17:02 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 17:02 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 17:02 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-11 17:02 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-11 17:02 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-11 17:01 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 17:01 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 17:01 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 17:01 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 17:01 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-11 17:01 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 17:01 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-11 17:01 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-11 17:01 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-11 17:01 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-11 17:01 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-11 17:01 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-11 17:01 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-11 17:01 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-11 17:01 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-11 17:01 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-11 17:01 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-11 17:01 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-11 17:01 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-11 17:01 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-11 17:01 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-11 17:01 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-11 17:01 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-11 17:01 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-11 17:01 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-11 17:00 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-11 17:00 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-11 17:00 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-11 17:00 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-11 16:55 - 2016-02-11 17:04 - 123139801 _____ C:\Users\Windows8\Downloads\ChipConley_2010-480p-en.mp4
2016-02-11 16:41 - 2016-02-11 16:50 - 117732963 _____ C:\Users\Windows8\Downloads\NicMarks_2010G-480p.mp4
2016-02-10 20:38 - 2016-02-12 10:49 - 00000000 ____D C:\Users\Windows8\AppData\Local\BEETmobile
2016-02-10 20:38 - 2016-02-10 20:43 - 00000000 ____D C:\Program Files (x86)\BEETmobile
2016-02-10 20:26 - 2016-02-10 20:26 - 00043872 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2016-02-10 20:26 - 2016-02-10 20:26 - 00036736 _____ (Connectify) C:\Windows\system32\Drivers\cfywlan1.sys
2016-02-10 18:46 - 2016-02-24 22:42 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\Skype
2016-02-10 18:46 - 2016-02-12 20:06 - 00000000 ____D C:\ProgramData\Skype
2016-02-10 18:46 - 2016-02-10 18:46 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-10 18:46 - 2016-02-10 18:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-10 18:46 - 2016-02-10 18:46 - 00000000 ____D C:\Users\Windows8\Tracing
2016-02-10 18:46 - 2016-02-10 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-10 07:13 - 2016-02-10 07:13 - 00000000 ____D C:\Users\Windows8\AppData\Local\Chris_Pietschmann_(http__
2016-02-09 20:06 - 2016-02-10 20:02 - 00000576 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-02-09 19:57 - 2016-02-09 19:57 - 00000000 _____ C:\Users\Windows8\netsh
2016-02-09 19:28 - 2016-02-09 19:28 - 00001654 _____ C:\Users\Public\Desktop\Business Everywhere.lnk
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\Users\Windows8\AppData\Local\Orange
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\ProgramData\Orange
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business Everywhere
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\Program Files (x86)\OrangeBusinessServices
2016-02-02 10:49 - 2016-02-02 10:49 - 00003146 _____ C:\Windows\System32\Tasks\{06DBFC2F-1388-42DB-A26D-276F5F701023}
2016-02-02 10:47 - 2016-02-02 10:48 - 02843687 _____ C:\Users\Windows8\Downloads\SkypeSetupFull.exe.part
2016-02-02 10:47 - 2016-02-02 10:47 - 00003146 _____ C:\Windows\System32\Tasks\{ADD1D2BA-D165-43C9-95B8-E98B45F8B511}
2016-02-02 10:45 - 2016-02-02 10:45 - 01504384 _____ (Skype Technologies S.A.) C:\Users\Windows8\Downloads\SkypeSetup.exe
2016-01-26 15:25 - 2016-01-26 15:26 - 01225609 _____ C:\Users\Windows8\Downloads\UFU03.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-24 22:35 - 2015-07-19 18:25 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001UA.job
2016-02-24 22:28 - 2014-09-11 11:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2738873775-3812521860-322733952-1001
2016-02-24 22:23 - 2014-09-11 13:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-24 22:10 - 2015-06-11 14:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-24 22:10 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-24 22:09 - 2014-09-11 13:22 - 00763422 _____ C:\Windows\system32\perfh007.dat
2016-02-24 22:09 - 2014-09-11 13:22 - 00159034 _____ C:\Windows\system32\perfc007.dat
2016-02-24 22:09 - 2014-03-18 11:05 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-24 21:43 - 2014-09-13 02:44 - 00000000 ___RD C:\Users\Windows8\Dropbox
2016-02-24 21:43 - 2014-09-11 21:21 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\Dropbox
2016-02-24 21:42 - 2014-09-22 17:44 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-24 21:42 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-24 21:42 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-24 21:41 - 2015-01-29 21:59 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\FileZilla
2016-02-24 21:41 - 2014-09-13 03:22 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\UseNeXT
2016-02-24 21:34 - 2014-09-13 03:22 - 00000000 ____D C:\Users\Windows8\Documents\UseNeXT
2016-02-24 21:25 - 2015-10-19 12:15 - 00000000 ____D C:\Users\Windows8\Desktop\Nelly
2016-02-24 18:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-24 18:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-23 21:06 - 2014-09-11 14:19 - 00000000 ____D C:\Users\Windows8\AppData\Roaming\vlc
2016-02-23 21:06 - 2014-09-11 13:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-22 19:35 - 2015-07-19 18:25 - 00001194 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001Core.job
2016-02-22 19:23 - 2015-12-10 12:39 - 00000000 ____D C:\Users\Windows8\AppData\Local\PDFCreator
2016-02-22 11:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-22 10:40 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-18 22:19 - 2015-09-18 19:21 - 00146704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-18 22:19 - 2015-09-18 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-15 21:09 - 2014-09-14 11:21 - 00000000 ____D C:\Users\Windows8\AppData\Local\9D66FAD4-19CC-473F-B427-AA939B62DFFA.aplzod
2016-02-15 13:47 - 2014-09-11 13:34 - 00000000 ____D C:\Users\Windows8\AppData\Local\Microsoft Help
2016-02-12 20:05 - 2013-08-22 15:44 - 00516144 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-12 20:04 - 2014-03-18 10:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 20:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-02-10 18:46 - 2014-09-11 11:25 - 00000000 ____D C:\Users\Windows8
2016-02-09 20:23 - 2014-09-11 13:17 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 19:55 - 2015-09-18 19:18 - 00001154 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-02-09 19:55 - 2015-02-03 12:09 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some files in TEMP:
====================
C:\Users\Windows8\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-24 22:29
==================== End of FRST.txt ============================
| Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Windows8 (2016-02-24 22:49:04)
Running from C:\Users\Windows8\Downloads
Windows 8.1 Pro N (X64) (2014-09-11 10:25:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2738873775-3812521860-322733952-500 - Administrator - Disabled)
Guest (S-1-5-21-2738873775-3812521860-322733952-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2738873775-3812521860-322733952-1005 - Limited - Enabled)
Windows8 (S-1-5-21-2738873775-3812521860-322733952-1001 - Administrator - Enabled) => C:\Users\Windows8
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 0.0.20.0 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (HKLM-x32\...\InstallShield_{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.100 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (x32 Version: 1.1.100 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0300 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (HKLM-x32\...\InstallShield_{A242CAB2-870C-4AC9-8AFE-34379D9383CD}) (Version: 1.00.0000 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (x32 Version: 1.00.0000 - Brother Industries, Ltd.) Hidden
Business Everywhere (HKLM-x32\...\{791FDE0D-9DF9-4E3B-AA34-1D942F9FEF69}) (Version: 5.0.602 - OrangeBusinessServices)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Dropbox (HKU\S-1-5-21-2738873775-3812521860-322733952-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
HL-L2340D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WGA Remover version 1.5 (HKLM-x32\...\{2F672AB6-053A-4F23-855F-F57F7BFBA163}_is1) (Version: 1.5 - WGAREMOVER)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2738873775-3812521860-322733952-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Windows8\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {082FD206-0CA6-41BC-B17A-492CDF53B067} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {16FCB81C-9674-4B46-9427-AE3CB2C7A25F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-20] (Microsoft Corporation)
Task: {29AACB1E-B924-4FB4-AA97-56B5792083DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {2C2926EB-73B9-423F-A249-A8E94ECBF11D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-10] ()
Task: {4227DEB1-D7B3-4374-90EB-586EC2D37028} - System32\Tasks\{ADD1D2BA-D165-43C9-95B8-E98B45F8B511} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.109&LastError=12007
Task: {50682390-246E-4F15-9D44-21B0351C0024} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {5225607A-9BA1-4CA6-A8E1-37698211CACD} - System32\Tasks\{06DBFC2F-1388-42DB-A26D-276F5F701023} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.109&LastError=12007
Task: {D0FF99F4-43CE-4777-BC5A-B60477F4F03E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001UA => C:\Users\Windows8\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {FA76A8B2-AAF3-470C-8635-510DF6BD5650} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001Core => C:\Users\Windows8\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {FD7BD7B6-4E14-4FA3-ACAE-38DFD3745860} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001Core.job => C:\Users\Windows8\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2738873775-3812521860-322733952-1001UA.job => C:\Users\Windows8\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-01 15:51 - 2014-10-01 15:51 - 00226688 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BEWConfigSrv.exe
2015-02-10 11:18 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2015-09-18 19:31 - 2014-11-18 01:55 - 00600064 _____ () C:\Program Files (x86)\WGA Remover\wgaremover.exe
2014-10-01 15:51 - 2014-10-01 15:51 - 04475272 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\BusinessEverywhere.exe
2014-10-01 15:51 - 2014-10-01 15:51 - 02278264 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\SMSNotifier.exe
2014-03-06 23:00 - 2014-03-06 23:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2012-08-23 08:42 - 2012-08-23 08:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-11 14:57 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-11 14:57 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-11 14:57 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-11 14:57 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-11 14:57 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-11 14:57 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-11 14:57 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-11 14:57 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-11 14:57 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-11 14:57 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-11 14:57 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-31 13:24 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-06-11 14:57 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-12 13:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-22 11:00 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 13:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 13:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-22 11:00 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 13:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-22 11:00 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-22 11:00 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 13:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-22 11:00 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-22 11:00 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 13:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 13:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-22 11:00 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-22 11:00 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 13:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 13:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 13:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-22 11:00 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-22 11:00 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-22 11:00 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-12 13:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 13:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 13:24 - 2016-01-12 19:47 - 00060880 _____ () C:\Users\Windows8\AppData\Roaming\Dropbox\bin\win32print.pyd
2012-08-23 11:35 - 2012-08-23 11:35 - 13873200 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2012-08-23 11:31 - 2012-08-23 11:31 - 01590656 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2012-07-24 22:48 - 2012-07-24 22:48 - 00012160 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2015-02-10 11:17 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-01 15:41 - 2014-10-01 15:41 - 00093696 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\GIS.dll
2014-10-01 15:41 - 2014-10-01 15:41 - 00118784 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\pugixml.dll
2014-10-01 15:41 - 2014-10-01 15:41 - 00184320 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{e34778cb-4457-4646-b83d-76c8241d15b9}\ProxyDetection.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-23 00:46 - 2012-02-23 00:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-01-06 06:40 - 2012-01-06 06:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Windows8\Desktop\englisch.mdb:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2014-09-11 14:15 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2738873775-3812521860-322733952-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Windows8\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 82.212.62.62 - 78.42.43.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9D031643-28D2-4AD2-9939-414C2ED22BEC}] => (Allow) C:\Users\Windows8\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6824D0B0-4790-41EF-BBC8-D8C602C2DACF}] => (Allow) C:\Users\Windows8\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1F46AB8A-8DBD-4F33-A76C-0154424D6226}C:\users\windows8\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\windows8\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{04AEFC9A-FDB8-42DE-9048-235F8B0FE89D}C:\users\windows8\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\windows8\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DAF64515-31A1-4D68-98EF-20DE6F9E2CD3}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{12AEBA3A-4194-459E-AA08-8F7A9EC41943}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{252D2598-CDFB-4B1B-B889-6C450AAAD638}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{FEE79E29-B4DC-475E-86F6-7832871509C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8FA3959B-6977-4744-B1DF-65F959288F66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{55E7C0B4-CCB8-4637-8723-1F5025566134}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{084AE4E6-DF25-455F-B7AD-B6A2E18DF67A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{059886CE-24FD-4EE8-885A-535008D96316}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D319268F-9094-471B-86A6-BDEB42E09CC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{24CDA6D4-1377-41C4-89CD-A415A874DCC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5AB5A2B6-CCD6-45A9-BBA6-B66E20BF6B82}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE
FirewallRules: [{D0030C0B-AD2A-4CE7-893D-ADCF4BFCFBAF}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{CBB8FFA4-CEEE-41A9-A92C-9745BB81F6B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C131041E-1CE6-4195-ABB2-C159C1BAEAF3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D466BE87-D235-4C97-8EB5-BF367B192132}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{11C02090-8720-48E6-9328-6378B4AB47C2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63E47E40-AAA5-456C-9F1F-B68658AEE8F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{74AD988B-E97E-4DCE-9348-19CF8F5C0AFB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{69CA15A6-8392-43B2-9B67-9622A56DFB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{E0E7EA3C-1268-4B82-99C8-A9383DDF795B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{70C7FAFA-2BBB-4D23-B8F7-C1FA0DF3170B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BD8D3658-71C3-4182-A9CE-3BDFF1AF06B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EFEA249-1F97-4148-9C5C-53C95AB0EB52}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{086BA0F8-C0FD-4C62-8261-B0F9D5B3EB0D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2F155E87-EA34-4962-9931-879D42F435FC}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{CA19DACF-7732-4087-BEFC-A19D497DCE91}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{3A3A8F15-3B3C-464A-9985-D3E38A1F349D}C:\program files (x86)\danusoft\wifi hotspot creator\wifi hotspot creator.exe] => (Allow) C:\program files (x86)\danusoft\wifi hotspot creator\wifi hotspot creator.exe
FirewallRules: [UDP Query User{24BC5FCD-BC3F-41D0-81DB-D5499E283458}C:\program files (x86)\danusoft\wifi hotspot creator\wifi hotspot creator.exe] => (Allow) C:\program files (x86)\danusoft\wifi hotspot creator\wifi hotspot creator.exe
==================== Restore Points =========================
10-02-2016 19:57:16 Removed Virtual Router v1.0
12-02-2016 20:12:54 Installed WiFi HotSpot Creator
22-02-2016 11:01:58 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/24/2016 09:43:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/24/2016 09:43:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (02/24/2016 09:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.5.1.0, Zeitstempel: 0x5329f349
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18202, Zeitstempel: 0x569e7eb1
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x598
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3
Vollständiger Name des fehlerhaften Pakets: AutoKMS.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AutoKMS.exe5
Error: (02/24/2016 09:42:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
Stack:
at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
at �.�.�(System.String, System.String, System.String, �.�)
at �.�..ctor()
at �.�.�(�.�)
at �.�.�()
Error: (02/24/2016 08:35:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/24/2016 08:35:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/24/2016 08:23:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1016
Error: (02/24/2016 08:23:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1016
Error: (02/24/2016 08:23:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/24/2016 08:02:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable
System errors:
=============
Error: (02/24/2016 10:29:54 PM) (Source: DCOM) (EventID: 10010) (User: Win8)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/24/2016 10:29:23 PM) (Source: DCOM) (EventID: 10010) (User: Win8)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/24/2016 09:42:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (02/23/2016 09:06:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (02/22/2016 07:30:30 PM) (Source: DCOM) (EventID: 10010) (User: Win8)
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (02/22/2016 11:01:56 AM) (Source: DCOM) (EventID: 10010) (User: Win8)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/22/2016 11:01:26 AM) (Source: DCOM) (EventID: 10010) (User: Win8)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/22/2016 10:32:51 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (02/19/2016 06:13:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.
Error: (02/19/2016 06:13:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 61%
Total physical RAM: 3980.36 MB
Available physical RAM: 1545.83 MB
Total Virtual: 5004.36 MB
Available Virtual: 1981.39 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:90.56 GB) (Free:4.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: E570401A)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=90.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.9 GB) - (Type=05)
==================== End of Addition.txt ============================
| Liebe Grüße
Nelly
Geändert von Nelly123 (24.02.2016 um 22:53 Uhr)
|
Hybrid-Darstellung
